Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lead do DoS scenario OR possibly lead to code execution on the host.
CVSS Information
N/A
Vulnerability Type
使用共享资源的并发执行不恰当同步问题(竞争条件)
Vulnerability Title
QEMU 安全漏洞
Vulnerability Description
QEMU(又名Quick Emulator)是法国程序员法布里斯-贝拉(Fabrice Bellard)所研发的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 3.1.0之前版本中的媒体传输协议存在安全漏洞,该漏洞源于程序没有正确地对用户名进行过滤。攻击者可利用该漏洞写入和读取任意文件,造成拒绝服务或可能在主机上执行代码。
CVSS Information
N/A
Vulnerability Type
N/A