Wind River Support Network

HomeDefectsLIN9-9684
Fixed

LIN9-9684 : Security Advisory - qemu - CVE-2019-20382

Created: Mar 5, 2020    Updated: Apr 22, 2022
Resolved Date: Mar 15, 2020
Found In Version: 9.0.0.1
Fix Version: 9.0.0.25
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Userspace

Description

QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd.

CREATE(Triage):(User=admin) CVE-2019-20382 (https://nvd.nist.gov/vuln/detail/CVE-2019-20382)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube