Description
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.
Exploits
No known exploits found for this CVE.
Search Exploit-DBReferences
secalert@redhat.com
http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg03543.htmlsecalert@redhat.com
http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04598.htmlsecalert@redhat.com
http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04707.htmlsecalert@redhat.com
http://rhn.redhat.com/errata/RHSA-2015-0349.htmlsecalert@redhat.com
http://rhn.redhat.com/errata/RHSA-2015-0624.htmlsecalert@redhat.com
http://www.debian.org/security/2014/dsa-3044secalert@redhat.com
http://www.debian.org/security/2014/dsa-3045secalert@redhat.com
http://www.ubuntu.com/usn/USN-2409-1secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1144818af854a3a-2127-422b-91ae-364da2661108
http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg03543.htmlaf854a3a-2127-422b-91ae-364da2661108
http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04598.htmlaf854a3a-2127-422b-91ae-364da2661108
http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg04707.htmlaf854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2015-0349.htmlaf854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2015-0624.htmlaf854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2014/dsa-3044af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2014/dsa-3045af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-2409-1af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.redhat.com/show_bug.cgi?id=1144818