CVE-2014-3640

Priority
Description
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local
users to cause a denial of service (NULL pointer dereference) by sending a
udp packet with a value of 0 in the source port and address, which triggers
access of an uninitialized socket.
Assigned-to
mdeslaur
Notes
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):released (2.0.0+dfsg-2ubuntu1.7)
Patches:
Upstream:http://git.qemu.org/?p=qemu.git;a=commit;h=01f7cecf0037997cb0e58ec0d56bf9b5a6f7cb2a
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE
More Information

Updated: 2020-07-28 19:52:09 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)