What is the severity of CVE-2018-20126?

CVE-2018-20126 is classified as a medium severity vulnerability due to memory leaks caused by mishandled errors in QEMU.

How do I fix CVE-2018-20126?

To fix CVE-2018-20126, upgrade to a patched version of QEMU that resolves the memory leak issues.

Which versions of QEMU are affected by CVE-2018-20126?

CVE-2018-20126 affects all versions of QEMU up to 3.1.0 and specific Debian and Ubuntu releases as noted.

What is the impact of CVE-2018-20126 on QEMU?

The impact of CVE-2018-20126 includes potential memory exhaustion over time, which could lead to denial of service.

Is CVE-2018-20126 present in Ubuntu 16.04?

Yes, CVE-2018-20126 is present in Ubuntu 16.04 along with several other affected versions of Ubuntu.

Vulnerability/
CVE-2018-20126

medium

5.5

CWE

772

20/12/2018

21/11/2024

CVE-2018-20126

First published: Thu Dec 20 2018(Updated: )

hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
debian/qemu		1:5.2+dfsg-11+deb11u3 1:5.2+dfsg-11+deb11u2 1:7.2+dfsg-7+deb12u7 1:9.1.2+ds-1 1:9.2.0+ds-2
QEMU KVM	<=3.1.0
Ubuntu Linux	=14.04
Ubuntu Linux	=16.04
Ubuntu Linux	=18.04
Ubuntu Linux	=18.10
openSUSE	=15.0
openSUSE	=15.1

Remedy

http://www.openwall.com/lists/oss-security/2018/12/19/4

Remedy

https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02824.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-20126?
CVE-2018-20126 is classified as a medium severity vulnerability due to memory leaks caused by mishandled errors in QEMU.
How do I fix CVE-2018-20126?
To fix CVE-2018-20126, upgrade to a patched version of QEMU that resolves the memory leak issues.
Which versions of QEMU are affected by CVE-2018-20126?
CVE-2018-20126 affects all versions of QEMU up to 3.1.0 and specific Debian and Ubuntu releases as noted.
What is the impact of CVE-2018-20126 on QEMU?
The impact of CVE-2018-20126 includes potential memory exhaustion over time, which could lead to denial of service.
Is CVE-2018-20126 present in Ubuntu 16.04?
Yes, CVE-2018-20126 is present in Ubuntu 16.04 along with several other affected versions of Ubuntu.

agent/type
collector/launchpad-cve
source/Launchpad
agent/author
agent/severity
agent/weakness
collector/mitre-cve
source/MITRE
collector/usn-cve
source/Ubuntu
agent/references
agent/remedy
agent/first-publish-date
agent/description
agent/event
agent/last-modified-date
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
agent/trending
agent/source
agent/softwarecombine
agent/tags
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-index
package-manager/debian
vendor/qemu
canonical/qemu kvm
version/qemu kvm/3.1.0
vendor/canonical
canonical/ubuntu linux
version/ubuntu linux/14.04
version/ubuntu linux/16.04
version/ubuntu linux/18.04
version/ubuntu linux/18.10
vendor/opensuse
canonical/opensuse
version/opensuse/15.0
version/opensuse/15.1

Frequently Asked Questions

What is the severity of CVE-2018-20126?
CVE-2018-20126 is classified as a medium severity vulnerability due to memory leaks caused by mishandled errors in QEMU.
How do I fix CVE-2018-20126?
To fix CVE-2018-20126, upgrade to a patched version of QEMU that resolves the memory leak issues.
Which versions of QEMU are affected by CVE-2018-20126?
CVE-2018-20126 affects all versions of QEMU up to 3.1.0 and specific Debian and Ubuntu releases as noted.
What is the impact of CVE-2018-20126 on QEMU?
The impact of CVE-2018-20126 includes potential memory exhaustion over time, which could lead to denial of service.
Is CVE-2018-20126 present in Ubuntu 16.04?
Yes, CVE-2018-20126 is present in Ubuntu 16.04 along with several other affected versions of Ubuntu.

CVE-2018-20126

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-20126?

How do I fix CVE-2018-20126?

Which versions of QEMU are affected by CVE-2018-20126?

What is the impact of CVE-2018-20126 on QEMU?

Is CVE-2018-20126 present in Ubuntu 16.04?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2018-20126?

How do I fix CVE-2018-20126?

Which versions of QEMU are affected by CVE-2018-20126?

What is the impact of CVE-2018-20126 on QEMU?

Is CVE-2018-20126 present in Ubuntu 16.04?