CVE-2017-2630.json

2025-07-29 05:56:59 +00:00 · 2018-07-27 11:45:32 +02:00 · 2018-07-27 11:45:32 +02:00 · 3414a77be8
commit 3414a77be8
parent 6bab7160b3
1 changed files with 75 additions and 16 deletions
--- a/2017/2xxx/CVE-2017-2630.json
+++ b/2017/2xxx/CVE-2017-2630.json
@ -1,18 +1,77 @@
 {
-   "CVE_data_meta" : {
-      "ASSIGNER" : "cve@mitre.org",
-      "ID" : "CVE-2017-2630",
-      "STATE" : "RESERVED"
-   },
-   "data_format" : "MITRE",
-   "data_type" : "CVE",
-   "data_version" : "4.0",
-   "description" : {
-      "description_data" : [
-         {
-            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
-         }
-      ]
-   }
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2017-2630",
+        "ASSIGNER": "anemec@redhat.com"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "QEMU",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Qemu:",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "2.9"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-121"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2630",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2630",
+                "refsource": "CONFIRM"
+            }
+        ]
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support. The flaw could occur while processing server's response to a 'NBD_OPT_LIST' request. A malicious NBD server could use this issue to crash a remote NBD client resulting in DoS or potentially execute arbitrary code on client host with privileges of the QEMU process."
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            [
+                {
+                    "vectorString": "5.5/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L",
+                    "version": "3.0"
+                }
+            ],
+            [
+                {
+                    "vectorString": "4.6/AV:N/AC:H/Au:S/C:P/I:P/A:P",
+                    "version": "2.0"
+                }
+            ]
+        ]
+    }
 }