Back to search
CVE-2015-4037
Published: Aug 26, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
USN-2630-1
vendor-advisory
x_refsource_UBUNTU
SUSE-SU-2015:1152
vendor-advisory
x_refsource_SUSE
[oss-security] 20150523 Re: QEMU 2.3.0 tmp vulns CVE request
mailing-list
x_refsource_MLIST
SUSE-SU-2015:1519
vendor-advisory
x_refsource_SUSE
FEDORA-2015-9599
vendor-advisory
x_refsource_FEDORA
FEDORA-2015-9601
vendor-advisory
x_refsource_FEDORA
[oss-security] 20150516 Re: QEMU 2.3.0 tmp vulns CVE request
mailing-list
x_refsource_MLIST
DSA-3284
vendor-advisory
x_refsource_DEBIAN
1032547
vdb-entry
x_refsource_SECTRACK
openSUSE-SU-2015:1965
vendor-advisory
x_refsource_SUSE
74809
vdb-entry
x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=1222892
x_refsource_CONFIRM
[oss-security] 20150513 QEMU 2.3.0 tmp vulns CVE request
mailing-list
x_refsource_MLIST
DSA-3285
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now