Denial of service vulnerability in slirp/udp.c in qemu-kvm - CVE-2014-3640| Deprecated |
| ID: oval:org.secpod.oval:def:21824 | Date: (C)2014-12-01 (M)2023-12-07 |
| Class: VULNERABILITY | Family: unix |
The host is installed with qemu-kvm before 2.1.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which triggers access of an uninitialized socket. Successful exploitation allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address.
| Platform: |
| Red Hat Enterprise Linux 6 |
| Red Hat Enterprise Linux 7 |
