CVE-2018-20216 — Unchecked Return Value in Qemu

CWE-252 — Unchecked Return Value CWE-835 — Infinite Loop9 documents7 sources

Severity

7.5HIGHNVD

OSV7.8

EPSS

0.5%

top 34.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Debian Qemu Canonical Ubuntu Linux

Timeline

PublishedDec 20

Latest updateMay 13

Description

QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶debiandebian/qemu< qemu 1:4.1-1 (bookworm)

▶Debianqemu/qemu< 1:4.1-1+3

▶Ubuntuqemu/qemu< 2.0.0+dfsg-2ubuntu1.45+2

▶NVDqemu/qemu3.1.0

Also affects: Ubuntu Linux 14.04, 16.04, 18.04, 18.10

Patches

Patch: www.openwall.com ↗Patch: lists.gnu.org ↗Patch: www.openwall.com ↗

🔴Vulnerability Details

GHSA

GHSA-ffw8-c3v5-857j: QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring↗2022-05-13

▶

OSV

qemu vulnerabilities↗2019-03-27

▶

OSV

CVE-2018-20216: QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring↗2018-12-20

▶

📋Vendor Advisories

Ubuntu

QEMU vulnerabilities↗2019-03-27

▶

Red Hat

QEMU: pvrdma: infinite loop in pvrdma_qp_send/recv↗2018-12-11

▶

Debian

CVE-2018-20216: qemu - QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return v...↗2018

▶

💬Community

Bugzilla

CVE-2018-20216 qemu: pvrdma: infinite loop in pvrdma_qp_send/recv [fedora-all]↗2018-12-20

▶

Bugzilla

CVE-2018-20216 QEMU: pvrdma: infinite loop in pvrdma_qp_send/recv↗2018-12-19

▶