CVE-2018-11806: m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.

high8.2CVSS 3.1

AVLACLPRHUINSCCHIHAH

m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.

34 ranges· showing 25

Vendor	Product	Version range	Fixed in
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	qemu	< qemu 1:3.1+dfsg-1 (bookworm)	qemu 1:3.1+dfsg-1 (bookworm)
qemu	qemu	<= 2.12.1	—
qemu	qemu	>= 0 < 1:3.1+dfsg-1	1:3.1+dfsg-1
qemu	qemu	>= 0 < 1:3.1+dfsg-1	1:3.1+dfsg-1
qemu	qemu	>= 0 < 1:3.1+dfsg-1	1:3.1+dfsg-1
qemu	qemu	>= 0 < 1:3.1+dfsg-1	1:3.1+dfsg-1
qemu	qemu	>= 0 < 2.0.0+dfsg-2ubuntu1.44	2.0.0+dfsg-2ubuntu1.44
qemu	qemu	>= 0 < 1:2.5+dfsg-5ubuntu10.33	1:2.5+dfsg-5ubuntu10.33
qemu	qemu	>= 0 < 1:2.11+dfsg-1ubuntu7.8	1:2.11+dfsg-1ubuntu7.8
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_eus	—	—
redhat	enterprise_linux_eus	—	—
redhat	enterprise_linux_eus	—	—
redhat	enterprise_linux_server	—	—
redhat	enterprise_linux_server	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_tus	—	—

nvdv3.18.2HIGHCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

osv8.2HIGH