Back to search
CVE-2014-3640
Published: Nov 7, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
DSA-3045
vendor-advisory
x_refsource_DEBIAN
https://bugzilla.redhat.com/show_bug.cgi?id=1144818
x_refsource_CONFIRM
RHSA-2015:0624
vendor-advisory
x_refsource_REDHAT
RHSA-2015:0349
vendor-advisory
x_refsource_REDHAT
DSA-3044
vendor-advisory
x_refsource_DEBIAN
[Qemu-devel] 20140923 Re: [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket
mailing-list
x_refsource_MLIST
[Qemu-devel] 20140918 [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket
mailing-list
x_refsource_MLIST
[Qemu-devel] 20140924 Re: [PATCH v2] slirp: udp: fix NULL pointer dereference because of uninitialized socket
mailing-list
x_refsource_MLIST
USN-2409-1
vendor-advisory
x_refsource_UBUNTU
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now