Vulnerability Description
The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU's -qmp interface is meant to be used by trusted users. If one is able to access this interface via a tcp socket open to the internet, then it is an insecure configuration issue
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qemu | Qemu | <= 4.0.0 |
Related Weaknesses (CWE)
References
- https://fakhrizulkifli.github.io/posts/2019/06/06/CVE-2019-12929/ExploitThird Party Advisory
- https://fakhrizulkifli.github.io/posts/2019/06/06/CVE-2019-12929/ExploitThird Party Advisory
FAQ
What is CVE-2019-12929?
CVE-2019-12929 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a cr...
How severe is CVE-2019-12929?
CVE-2019-12929 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-12929?
Check the references section above for vendor advisories and patch information. Affected products include: Qemu Qemu.