CVE-2018-16867 HIGH

CVE-2018-16867

Vendor [Unknown]
Product QEMU:
Weakness CWE-362
Published December 12, 2018
Last update August 5, 2024

CVSS base score

7.0/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H

What the vulnerability does

01Description

A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lead do DoS scenario OR possibly lead to code execution on the host.

Key dates

02Disclosure timeline

December 12, 2018 CVE published
August 5, 2024 Record updated

Related vulnerabilities

04Related CVE