← Back

CVE-2014-3640

nvd nist
Published: Nov 7, 2014Modified: May 6, 2026

JSON object

Loading...
2.1
Vector
AV:L/AC:L/Au:N/C:N/I:N/A:P
Exploitability: 3.9 / Impact: 2.9
Source: NVD

Description

The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.

Affected (22)

Show all products
Debian: Debian Linux · Qemu: Qemu · Redhat: Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server, Enterprise Linux Workstation · Canonical: Ubuntu Linux
Debian
1 product
Debian Linux
Qemu
1 product
Qemu
Redhat
4 products
Enterprise Linux Desktop
Enterprise Linux Hpc Node
Enterprise Linux Server
Enterprise Linux Workstation
Canonical
1 product
Ubuntu Linux
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Debian Linux
Version 7.0
Configuration B
13 vulnerable
Vulnerable SoftwareAffected Versions
Qemu
Qemu
Version 2.0.0
Qemu
Version 2.0.0 rc0
Qemu
Version 2.0.0 rc1
Qemu
Version 2.0.0 rc2
Qemu
Version 2.0.0 rc3
Qemu
Version 2.0.2
Qemu
Version 2.1.0
Qemu
Version 2.1.0 rc0
Qemu
Version 2.1.0 rc1
Qemu
Version 2.1.0 rc2
Qemu
Version 2.1.0 rc3
Qemu
Version 2.1.0 rc5
Qemu
Version 2.1.1
Configuration C
4 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Linux Desktop
Version 7.0
Enterprise Linux Hpc Node
Version 7.0
Enterprise Linux Server
Version 7.0
Enterprise Linux Workstation
Version 7.0
Configuration D
4 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 10.04
Ubuntu Linux
Version 12.04
Ubuntu Linux
Version 14.04
Ubuntu Linux
Version 14.10

Related CWEs

CWE-476
NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.

References (18)

Source: secalert@redhat.com
PatchVendor Advisory
Source: secalert@redhat.com
PatchVendor Advisory
Source: secalert@redhat.com
PatchVendor Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Issue Tracking
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking

Timeline

No history available yet.