Your submission was sent successfully! Close

CVE-2015-4037

Published: 23 May 2015

The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.

Priority

Low

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.0.0+dfsg-2ubuntu1.13)
Patches:
Upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=8b8f1c7e9ddb2e88a144638f6527bf70e32343e3
qemu-kvm
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist