CVE-2018-16872: Time-of-check Time-of-use (TOCTOU) Race Condition in Qemu

Severity
NVD: 5.3 MEDIUM
OSV: 7.8
EPSS
0.3% (top 49.12%)
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Dec 13
Latest update: May 13

Description

A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn't consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read a

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N (Exploitability: 1.6 | Impact: 3.6)

Affected Packages (5 packages)

Source   Package        Affected version
debian   debian/qemu    < qemu 1:3.1+dfsg-2 (bookworm)
Debian   qemu/qemu      < 1:3.1+dfsg-2+3
Ubuntu   qemu/qemu      < 2.0.0+dfsg-2ubuntu1.45+2
NVD      qemu/qemu      3.1.0
NVD      opensuse/leap  42.3

Also affects: Debian Linux 8.0, 9.0, Fedora 29, 30, Ubuntu Linux 14.04, 16.04, 18.04, 18.10

Patches

🔴 Vulnerability Details (3)

GHSA: GHSA-w3c5-x9c8-47hc: A flaw was found in qemu Media Transfer Protocol (MTP) (2022-05-13)
OSV: qemu vulnerabilities (2019-03-27)
OSV: CVE-2018-16872: A flaw was found in qemu Media Transfer Protocol (MTP) (2018-12-13)

📋 Vendor Advisories (3)

Ubuntu: QEMU vulnerabilities (2019-03-27)
Red Hat: QEMU: usb-mtp: path traversal by host filesystem manipulation in Media Transfer Protocol (MTP) (2018-12-13)
Debian: CVE-2018-16872: qemu - A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files i... (2018)

💬 Community (2)

Bugzilla: CVE-2018-16872 qemu: path traversal by host filesystem manipulation in Media Transfer Protocol (MTP) [fedora-all] (2018-12-13)
Bugzilla: CVE-2018-16872 QEMU: usb-mtp: path traversal by host filesystem manipulation in Media Transfer Protocol (MTP) (2018-12-04)