← back
CVE-2017-10664

CVE-2017-10664

EPSS 4.1%
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://access.redhat.com/errata/RHSA-2017:2390https://access.redhat.com/errata/RHSA-2017:2445https://access.redhat.com/errata/RHSA-2017:3466https://access.redhat.com/errata/RHSA-2017:3470https://access.redhat.com/errata/RHSA-2017:3471https://access.redhat.com/errata/RHSA-2017:3472https://access.redhat.com/errata/RHSA-2017:3473https://access.redhat.com/errata/RHSA-2017:3474https://bugzilla.redhat.com/show_bug.cgi?id=1466190https://lists.debian.org/debian-lts-announce/2018/11/msg00038.htmlhttps://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02693.htmlhttp://www.debian.org/security/2017/dsa-3920