First published: Tue Aug 29 2017(Updated: )
Quick emulator(Qemu) built with the Slirp networking support is vulnerable to an use-after-free issue. It occurs due to Socket referenced from multiple packets is freed while responding to a message. A user/process could use this flaw to crash the Qemu process on the host resulting in DoS. Upstream patch: --------------- -> <a href="https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg05201.html">https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg05201.html</a> Reference: ---------- -> <a href="http://www.openwall.com/lists/oss-security/2017/08/29/6">http://www.openwall.com/lists/oss-security/2017/08/29/6</a>
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
QEMU KVM | <=2.10.1 | |
Debian Debian Linux | =9.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.