CVE-2014-3640
Published: 7 November 2014
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.
Priority
Status
Package | Release | Status |
---|---|---|
qemu Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
trusty |
Released
(2.0.0+dfsg-2ubuntu1.7)
|
|
upstream |
Needs triage
|
|
utopic |
Released
(2.1+dfsg-4ubuntu6.1)
|
|
Patches: upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=01f7cecf0037997cb0e58ec0d56bf9b5a6f7cb2a |
||
qemu-kvm Launchpad, Ubuntu, Debian |
lucid |
Released
(0.12.3+noroms-0ubuntu9.25)
|
precise |
Released
(1.0+noroms-0ubuntu14.19)
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
utopic |
Does not exist
|