CVE-2009-3616 — Use After Free in Qemu

CWE-416 — Use After Free6 documents6 sources

Severity

9.9CRITICALNVD

EPSS

0.8%

top 26.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Debian Qemu Redhat Enterprise Linux Server +1 more

Timeline

PublishedOct 23

Latest updateMay 2

Description

Multiple use-after-free vulnerabilities in vnc.c in the VNC server in QEMU 0.10.6 and earlier might allow guest OS users to execute arbitrary code on the host OS by establishing a connection from a VNC client and then (1) disconnecting during data transfer, (2) sending a message using incorrect integer data types, or (3) using the Fuzzy Screen Mode protocol, related to double free vulnerabilities.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 3.1 | Impact: 6.0

Affected Packages5 packages

▶debiandebian/qemu< qemu 0.11.0-1 (bookworm)

▶Debianqemu/qemu< 0.11.0-1+3

▶NVDqemu/qemu0.10.6

▶NVDredhat/enterprise_linux_server5.0

▶NVDredhat/enterprise_linux_workstation5.0

Patches

Patch: www.openwall.com ↗Patch: www.openwall.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-vmwq-xc6v-xj4j: Multiple use-after-free vulnerabilities in vnc↗2022-05-02

▶

OSV

CVE-2009-3616: Multiple use-after-free vulnerabilities in vnc↗2009-10-23

▶

📋Vendor Advisories

Debian

CVE-2009-3616: qemu - Multiple use-after-free vulnerabilities in vnc.c in the VNC server in QEMU 0.10....↗2009

▶

📐Framework References

CWE

Use After Free↗

▶

💬Community

Bugzilla

CVE-2009-3616 Remote VNC client can cause any QEMU VNC server to crash with a double-free↗2009-06-12

▶