CVE-2018-18849

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-18849

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-18849.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-18849

Downstream

BELL-CVE-2018-18849

DEBIAN-CVE-2018-18849

DLA-1781-1

DSA-4454-1

SUSE-SU-2018:3912-1

SUSE-SU-2018:3927-1

SUSE-SU-2018:3973-1

SUSE-SU-2018:3973-2

SUSE-SU-2018:3975-1

SUSE-SU-2018:3987-1

SUSE-SU-2018:4070-1

SUSE-SU-2018:4129-1

SUSE-SU-2018:4185-1

SUSE-SU-2018:4237-1

SUSE-SU-2019:0003-1

SUSE-SU-2019:0020-1

SUSE-SU-2019:0825-1

SUSE-SU-2019:0827-1

SUSE-SU-2019:13921-1

SUSE-SU-2019:14011-1

UBUNTU-CVE-2018-18849

USN-3826-1

Related

Published

2019-03-21T16:00:29.547Z

Modified

2026-02-20T07:15:55.651649Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In Qemu 3.0.0, lsidomsgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.

References

Affected packages

Git / gitlab.com/graphviz/graphviz

Affected ranges

Type: GIT
Repo: https://gitlab.com/graphviz/graphviz
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

24cf7232bb8728823466e0ef536862013893e567

Affected versions

2.*

2.38.0

2.40.0

2.40.1

2.42.0

2.42.2

2.42.3

2.42.4

2.44.0

2.44.1

2.46.0

2.46.1

2.47.0

2.47.1

2.47.2

2.47.3

2.48.0

2.49.0

2.49.1

2.49.2

2.49.3

2.50.0

3.*

3.0.0

Other

LAST_LIBGRAPH

TRAVIS_CI_BUILD_EXPERIMENTAL

stable_release_2.*

stable_release_2.42.0

stable_release_2.42.2

stable_release_2.42.3

stable_release_2.42.4

stable_release_2.44.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-18849.json"