vulnerability
Huawei EulerOS: CVE-2018-16867: qemu-kvm security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:M/Au:N/C:P/I:P/A:P) | Dec 12, 2018 | Aug 28, 2019 | Aug 13, 2025 |
Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
Dec 12, 2018
Added
Aug 28, 2019
Modified
Aug 13, 2025
Description
A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lead do DoS scenario OR possibly lead to code execution on the host.
Solutions
huawei-euleros-2_0_sp8-upgrade-qemu-audio-alsahuawei-euleros-2_0_sp8-upgrade-qemu-audio-osshuawei-euleros-2_0_sp8-upgrade-qemu-audio-pahuawei-euleros-2_0_sp8-upgrade-qemu-audio-sdlhuawei-euleros-2_0_sp8-upgrade-qemu-block-curlhuawei-euleros-2_0_sp8-upgrade-qemu-block-dmghuawei-euleros-2_0_sp8-upgrade-qemu-block-glusterhuawei-euleros-2_0_sp8-upgrade-qemu-block-iscsihuawei-euleros-2_0_sp8-upgrade-qemu-block-nfshuawei-euleros-2_0_sp8-upgrade-qemu-block-rbdhuawei-euleros-2_0_sp8-upgrade-qemu-block-sshhuawei-euleros-2_0_sp8-upgrade-qemu-commonhuawei-euleros-2_0_sp8-upgrade-qemu-imghuawei-euleros-2_0_sp8-upgrade-qemu-kvmhuawei-euleros-2_0_sp8-upgrade-qemu-system-aarch64huawei-euleros-2_0_sp8-upgrade-qemu-system-aarch64-corehuawei-euleros-2_0_sp8-upgrade-qemu-ui-curseshuawei-euleros-2_0_sp8-upgrade-qemu-ui-gtkhuawei-euleros-2_0_sp8-upgrade-qemu-ui-sdl
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.