TROYANOSYVIRUS
Retour aux CVEs

CVE-2019-3812

N/A

Description

QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host.

Details CVE

Score CVSS v3.1N/A
Publie2/19/2019
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0

Produits affectes

canonical:ubuntu_linuxfedoraproject:fedoraopensuse:leapqemu:qemu

Faiblesses (CWE)

CWE-119CWE-125

References

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00094.html(secalert@redhat.com)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00040.html(secalert@redhat.com)
http://www.securityfocus.com/bid/107059(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3812(secalert@redhat.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/(secalert@redhat.com)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7/(secalert@redhat.com)
https://seclists.org/bugtraq/2019/May/76(secalert@redhat.com)
https://usn.ubuntu.com/3923-1/(secalert@redhat.com)
https://www.debian.org/security/2019/dsa-4454(secalert@redhat.com)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00094.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00040.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/107059(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3812(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/(af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7/(af854a3a-2127-422b-91ae-364da2661108)
https://seclists.org/bugtraq/2019/May/76(af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3923-1/(af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2019/dsa-4454(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.