CVE-2017-12809

Published: Aug 23, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

DSA-3991

vendor-advisory

x_refsource_DEBIAN

[qemu-devel] 20170809 [Qemu-devel] [PATCH 1/2] IDE: Do not flush empty CDROM drives

mailing-list

x_refsource_MLIST

100451

vdb-entry

x_refsource_BID

[oss-security] 20170821 CVE-2017-12809 Qemu: ide: flushing of empty CDROM drives leads to NULL dereference

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-12809

Description

Affected Products

References