CVE-2018-16867
Summary
| CVE | CVE-2018-16867 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-12-12 13:29:00 UTC |
| Updated | 2023-11-07 02:53:00 UTC |
| Description | A flaw was found in QEMU's Media Transfer Protocol (MTP) before version 3.1.0. A path traversal exists in the usb_mtp_write_data function in hw/usb/dev-mtp.c due to improper filename sanitization. When the guest device is mounted in read-write mode, this allows reading and writing arbitrary files, which may lead to a DoS scenario or possibly to code execution on the host. |
Risk And Classification
Problem Types: CWE-362
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 18.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 18.10 | All | All | All |
| Operating System | Fedoraproject | Fedora | 29 | All | All | All |
| Application | Qemu | Qemu | 3.1.0 | rc0 | All | All |
| Application | Qemu | Qemu | 3.1.0 | rc1 | All | All |
| Application | Qemu | Qemu | 3.1.0 | rc2 | All | All |
| Application | Qemu | Qemu | 3.1.0 | rc3 | All | All |
| Application | Qemu | Qemu | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| [SECURITY] Fedora 29 Update: qemu-3.0.0-4.fc29 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | Mailing List, Release Notes, Third Party Advisory |
| QEMU CVE-2018-16867 Directory Traversal Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| 1654885 – (CVE-2018-16867) CVE-2018-16867 QEMU: dev-mtp: path traversal in usb_mtp_write_data of the Media Transfer Protocol (MTP) | CONFIRM | bugzilla.redhat.com | Issue Tracking, Patch, Third Party Advisory |
| oss-security - CVE-2018-16867 QEMU: dev-mtp: path traversal in usb_mtp_write_data of the Media Transfer Protocol (MTP) | MLIST | www.openwall.com | Mailing List, Patch, Third Party Advisory |
| USN-3923-1: QEMU vulnerabilities \| Ubuntu security notices | UBUNTU | usn.ubuntu.com | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.