CVE-2018-18438 — Integer Overflow or Wraparound in Redhat Enterprise Linux

CWE-190 — Integer Overflow or Wraparound CWE-122 — Heap-based Buffer Overflow8 documents7 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 74.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Redhat Enterprise Linux Redhat Openstack

Timeline

PublishedOct 19

Latest updateMay 13

Description

Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶Debianqemu/qemu< 1:3.1+dfsg-1+3

▶NVDredhat/openstack5 versions+4

Also affects: Enterprise Linux 6.0, 7.0

Patches

Patch: lists.gnu.org ↗Patch: lists.gnu.org ↗Patch: lists.gnu.org ↗

🔴Vulnerability Details

GHSA

GHSA-5g5x-38wg-3rxr: Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value↗2022-05-13

▶

OSV

CVE-2018-18438: Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value↗2018-10-19

▶

CVEList

CVE-2018-18438: Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value↗2018-10-19

▶

📋Vendor Advisories

Red Hat

Qemu: Integer overflow in ccid_card_vscard_read() allows memory corruption↗2018-10-11

▶

Debian

CVE-2018-18438: qemu - Qemu has integer overflows because IOReadHandler and its associated functions us...↗2018

▶

💬Community

Bugzilla

CVE-2018-18438 qemu: Integer overflow in ccid_card_vscard_read() allows memory corruption [fedora-all]↗2018-10-17

▶

Bugzilla

CVE-2018-18438 Qemu: Integer overflow in ccid_card_vscard_read() allows memory corruption↗2018-07-26

▶