Back to search
CVE-2017-10664
Published: Aug 2, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
DSA-3920
vendor-advisory
x_refsource_DEBIAN
RHSA-2017:2445
vendor-advisory
x_refsource_REDHAT
RHSA-2017:3473
vendor-advisory
x_refsource_REDHAT
99513
vdb-entry
x_refsource_BID
[qemu-devel] 20170611 [PATCH] qemu-nbd: Ignore SIGPIPE
mailing-list
x_refsource_MLIST
RHSA-2017:3470
vendor-advisory
x_refsource_REDHAT
RHSA-2017:3472
vendor-advisory
x_refsource_REDHAT
RHSA-2017:3474
vendor-advisory
x_refsource_REDHAT
[oss-security] 20170629 CVE-2017-10664 Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort
mailing-list
x_refsource_MLIST
RHSA-2017:3471
vendor-advisory
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=1466190
x_refsource_MISC
RHSA-2017:3466
vendor-advisory
x_refsource_REDHAT
[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
mailing-list
x_refsource_MLIST
RHSA-2017:2390
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now