Denial of service vulnerability in slirp/udp.c in qemu-kvm - CVE-2014-3640
|ID: oval:org.secpod.oval:def:21824||Date: (C)2014-12-01 (M)2017-11-07|
|Class: VULNERABILITY||Family: unix|
The host is installed with qemu-kvm before 2.1.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which triggers access of an uninitialized socket. Successful exploitation allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address.
|Red Hat Enterprise Linux 6|
|Red Hat Enterprise Linux 7|