Wind River Support Network

HomeDefectsLIN8-12207
Fixed

LIN8-12207 : Security Advisory - qemu - CVE-2019-20382

Created: Mar 5, 2020    Updated: Apr 22, 2022
Resolved Date: Apr 20, 2020
Found In Version: 8.0.0.1
Fix Version: 8.0.0.33
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd.

CREATE(Triage):(User=admin) CVE-2019-20382 (https://nvd.nist.gov/vuln/detail/CVE-2019-20382)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube