oss-sec mailing list archives
CVE-2019-9824 QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables
From: P J P <ppandit () redhat com>
Date: Mon, 18 Mar 2019 12:44:20 +0530 (IST)
Hello,An information leakage issue was found in the SLiRP networking implementation of the QEMU emulator. It occurs in tcp_emu() routine while emulating Identification protocol, when crafted messages are sent to make it return uninitialized variables.
A user/process could use this flaw to read uninitialised stack memory contents from the QEMU process resulting in information leakage.
Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2019-03/msg01871.html This issue was reported by William Bowling. CVE requested via https://cveform.mitre.org/ Thank you. -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
Current thread:
- CVE-2019-9824 QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables P J P (Mar 18)