CVE-2018-16847

Summary

An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process.

Affected Software

VendorProductVersion RangeStatus
[UNKNOWN]QEMU:n/aaffected

Weaknesses

  • CWE-787: CWE-787

ADP Enrichment

CVE Program Container

Additional References

References