{"containers": {"cna": {"affected": [{"product": "vdsm", "vendor": "[UNKNOWN]", "versions": [{"status": "affected", "version": "4.20.37"}]}], "datePublic": "2018-08-08T00:00:00", "descriptions": [{"lang": "en", "value": "It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could potentially impact other users of the host."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-770", "description": "CWE-770", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-10-08T09:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10908"}, {"name": "RHEA-2018:2624", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHEA-2018:2624"}, {"tags": ["x_refsource_MISC"], "url": "http://lists.nongnu.org/archive/html/qemu-block/2018-07/msg00488.html"}, {"tags": ["x_refsource_MISC"], "url": "https://gerrit.ovirt.org/#/c/93195/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2018-10908", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "vdsm", "version": {"version_data": [{"version_value": "4.20.37"}]}}]}, "vendor_name": "[UNKNOWN]"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could potentially impact other users of the host."}]}, "impact": {"cvss": [[{"vectorString": "6.5/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}]]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}, {"description": [{"lang": "eng", "value": "CWE-770"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10908", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10908"}, {"name": "RHEA-2018:2624", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHEA-2018:2624"}, {"name": "http://lists.nongnu.org/archive/html/qemu-block/2018-07/msg00488.html", "refsource": "MISC", "url": "http://lists.nongnu.org/archive/html/qemu-block/2018-07/msg00488.html"}, {"name": "https://gerrit.ovirt.org/#/c/93195/", "refsource": "MISC", "url": "https://gerrit.ovirt.org/#/c/93195/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T07:54:35.199Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10908"}, {"name": "RHEA-2018:2624", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHEA-2018:2624"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://lists.nongnu.org/archive/html/qemu-block/2018-07/msg00488.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://gerrit.ovirt.org/#/c/93195/"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2018-10908", "datePublished": "2018-08-09T19:00:00", "dateReserved": "2018-05-09T00:00:00", "dateUpdated": "2024-08-05T07:54:35.199Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ovirt:vdsm:*:*:*:*:*:*:*:*", "matchCriteriaId": "576B5C32-2CA0-44C2-B45F-C9A19F631954", "versionEndExcluding": "4.20.37", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could potentially impact other users of the host."}, {"lang": "es", "value": "Se ha detectado que vdsm en versiones anteriores a la 4.20.37 invoca qemu-img en entradas no fiables sin limitar recursos. Mediante la subida de una imagen especialmente manipulada, un atacante podr\u00eda provocar que el proceso qemu-img consuma cantidades ilimitadas de memoria del tiempo de CPU, provocando una denegaci\u00f3n de servicio (DoS) que podr\u00eda afectar a otros usuarios del host."}], "id": "CVE-2018-10908", "lastModified": "2024-11-21T03:42:16.757", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-08-09T19:29:00.207", "references": [{"source": "secalert@redhat.com", "tags": ["Mailing List", "Vendor Advisory"], "url": "http://lists.nongnu.org/archive/html/qemu-block/2018-07/msg00488.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHEA-2018:2624"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10908"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://gerrit.ovirt.org/#/c/93195/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Vendor Advisory"], "url": "http://lists.nongnu.org/archive/html/qemu-block/2018-07/msg00488.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHEA-2018:2624"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10908"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://gerrit.ovirt.org/#/c/93195/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-770"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-770"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Nir Soffer (Red Hat).", "affected_release": [{"advisory": "RHEA-2018:2624", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "vdsm-0:4.20.39-1.el7ev", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2018-09-04T00:00:00Z"}], "bugzilla": {"description": "vdsm: calls to qemu-img are not protected by prlimit/ulimit", "id": "1605065", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1605065"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-20->CWE-770", "details": ["It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could potentially impact other users of the host.", "It was found that vdsm would invoke qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could potentially impact other users of the host."], "name": "CVE-2018-10908", "package_state": [{"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Not affected", "package_name": "vdsm", "product_name": "Red Hat Storage 3"}], "public_date": "2018-08-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-10908\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-10908\nhttps://gerrit.ovirt.org/#/c/93195/"], "statement": "Red Hat Enterprise Virtualization 3 is now in Extended Life Phase of the support and maintenance lifecycle. Red Hat Product Security has rated this issue as having a security impact of Moderate, and it is not currently planned to be addressed in future updates of Red Hat Virtualization 3. For additional information, refer to the Red Hat Virtualization Life Cycle: https://access.redhat.com/support/policy/updates/rhev/", "threat_severity": "Moderate"}

{}