{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-26T20:30:44.663","vulnerabilities":[{"cve":{"id":"CVE-2018-10839","sourceIdentifier":"secalert@redhat.com","published":"2018-10-16T14:29:01.197","lastModified":"2024-11-21T03:42:06.957","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS."},{"lang":"es","value":"El emulador Qemu en versiones iguales o anteriores a la 3.0.0 con soporte para emulación NE2000 NIC es vulnerable a un desbordamiento de enteros, lo que podría conducir a un problema de desbordamiento de búfer. Podría ocurrir al recibir paquetes por red. Un usuario en el guest podría emplear este error para provocar el cierre inesperado del proceso Qemu, lo que resulta en una denegación de servicio (DoS)."}],"metrics":{"cvssMetricV30":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","versionEndIncluding":"3.0.0","matchCriteriaId":"16AFB9CD-95CF-4552-A8C1-1B4F496925B6"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","matchCriteriaId":"B5A6F2F3-4894-4392-8296-3B8DD2679084"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","matchCriteriaId":"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","matchCriteriaId":"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","matchCriteriaId":"07C312A0-CD2C-4B9C-B064-6409B25C278F"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2019:2892","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10839","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03273.html","source":"secalert@redhat.com","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3826-1/","source":"secalert@redhat.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4338","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://www.openwall.com/lists/oss-security/2018/10/08/1","source":"secalert@redhat.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:2892","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10839","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03273.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3826-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4338","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.openwall.com/lists/oss-security/2018/10/08/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}}]}