CVE-2018-16867
Description
A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lead do DoS scenario OR possibly lead to code execution on the host.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.142
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Machine emulator and virtualizer (USN-3923-1) qemu-system_2.12+dfsg-3ubuntu8.6_i386.deb | Linux |
| Machine emulator and virtualizer (USN-3923-1) qemu-system_2.12+dfsg-3ubuntu8.6_amd64.deb | Linux |
| Machine emulator and virtualizer (USN-3923-1) qemu-system_2.11+dfsg-1ubuntu7.12_i386.deb | Linux |
| Machine emulator and virtualizer (USN-3923-1) qemu-system_2.11+dfsg-1ubuntu7.12_amd64.deb | Linux |
| Machine emulator and virtualizer (USN-3923-1) qemu-system_2.5+dfsg-5ubuntu10.36_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234