2014-10-01
ALT-BU-2014-3018-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Published: 2014-11-07
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-3640
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.
Severity: LOW (2.1)
References:
- [Qemu-devel] 20140918 [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket
- [Qemu-devel] 20140918 [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket
- [Qemu-devel] 20140923 Re: [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket
- [Qemu-devel] 20140923 Re: [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket
- [Qemu-devel] 20140924 Re: [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket
- [Qemu-devel] 20140924 Re: [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket
- RHSA-2015:0349
- RHSA-2015:0349
- RHSA-2015:0624
- RHSA-2015:0624
- DSA-3044
- DSA-3044
- DSA-3045
- DSA-3045
- USN-2409-1
- USN-2409-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1144818
- https://bugzilla.redhat.com/show_bug.cgi?id=1144818