CVE-2017-10664

Опубликовано: 02 авг. 2017

Источник: debian

EPSS Низкий

Описание

qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
qemu	fixed	1:2.8+dfsg-7		package
qemu-kvm	removed			package

Примечания

https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02693.html
Fixed by (master): http://git.qemu.org/?p=qemu.git;a=commitdiff;h=041e32b8d9d076980b4e35317c0339e57ab888f1

EPSS

Процентиль: 89%

0.05034

Низкий

Связанные уязвимости

CVE-2017-10664

CVSS3: 7.5

ubuntu

больше 8 лет назад

qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.

CVE-2017-10664

CVSS3: 5.3

redhat

больше 8 лет назад

qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.

CVE-2017-10664

CVSS3: 7.5

nvd

больше 8 лет назад

qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.

GHSA-79rh-2xp8-h9rm

CVSS3: 7.5

github

больше 3 лет назад

qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.

ELSA-2017-2445

oracle-oval

больше 8 лет назад

ELSA-2017-2445: qemu-kvm security update (MODERATE)

EPSS

Процентиль: 89%

0.05034

Низкий