Unrated severityNVD Advisory· Published Jan 25, 2018· Updated Aug 5, 2024
CVE-2018-5748
CVE-2018-5748
Description
qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.
Affected products
20- osv-coords20 versionspkg:rpm/opensuse/libvirt&distro=openSUSE%20Tumbleweedpkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSSpkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSSpkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSSpkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP2
< 7.7.0-2.1+ 19 more
- (no CPE)range: < 7.7.0-2.1
- (no CPE)range: < 2.0.0-27.29.1
- (no CPE)range: < 3.3.0-5.13.1
- (no CPE)range: < 1.0.5.9-21.5.1
- (no CPE)range: < 1.0.5.9-21.5.1
- (no CPE)range: < 1.0.5.9-21.5.1
- (no CPE)range: < 1.2.5-23.6.1
- (no CPE)range: < 1.2.18.4-22.3.1
- (no CPE)range: < 2.0.0-27.29.1
- (no CPE)range: < 3.3.0-5.13.1
- (no CPE)range: < 1.2.5-27.13.1
- (no CPE)range: < 2.0.0-27.29.1
- (no CPE)range: < 1.2.5-23.6.1
- (no CPE)range: < 1.2.18.4-22.3.1
- (no CPE)range: < 2.0.0-27.29.1
- (no CPE)range: < 3.3.0-5.13.1
- (no CPE)range: < 1.2.5-23.6.1
- (no CPE)range: < 2.0.0-27.29.1
- (no CPE)range: < 3.3.0-5.13.1
- (no CPE)range: < 2.0.0-27.29.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- access.redhat.com/errata/RHSA-2018:1396mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHSA-2018:1929mitrevendor-advisoryx_refsource_REDHAT
- www.debian.org/security/2018/dsa-4137mitrevendor-advisoryx_refsource_DEBIAN
- www.securityfocus.com/bid/102825mitrevdb-entryx_refsource_BID
- lists.debian.org/debian-lts-announce/2018/03/msg00018.htmlmitremailing-listx_refsource_MLIST
- www.redhat.com/archives/libvir-list/2018-January/msg00527.htmlmitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.