Wind River Support Network


LIN5-19732 : Security Advisory - qemu - CVE-2014-3640

Created: Nov 16, 2014    Updated: Dec 19, 2017
Resolved Date: Dec 29, 2014
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace


The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.<a href=>CWE-476: NULL Pointer Dereference</a>

Other Downloads

Live chat