CVE-2017-10664
published 2017-08-02CVE-2017-10664: qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | qemu | < qemu 1:2.8+dfsg-7 (bookworm) | qemu 1:2.8+dfsg-7 (bookworm) |
| qemu | qemu | <= 2.9.1 | — |
| qemu | qemu | >= 0 < 1:2.8+dfsg-7 | 1:2.8+dfsg-7 |
| qemu | qemu | >= 0 < 1:2.8+dfsg-7 | 1:2.8+dfsg-7 |
| qemu | qemu | >= 0 < 1:2.8+dfsg-7 | 1:2.8+dfsg-7 |
| qemu | qemu | >= 0 < 1:2.8+dfsg-7 | 1:2.8+dfsg-7 |
| qemu | qemu | >= 0 < 2.0.0+dfsg-2ubuntu1.36 | 2.0.0+dfsg-2ubuntu1.36 |
| qemu | qemu | >= 0 < 2.0.0+dfsg-2ubuntu1.35 | 2.0.0+dfsg-2ubuntu1.35 |
| qemu | qemu | >= 0 < 1:2.5+dfsg-5ubuntu10.16 | 1:2.5+dfsg-5ubuntu10.16 |
| qemu | qemu | >= 0 < 1:2.5+dfsg-5ubuntu10.15 | 1:2.5+dfsg-5ubuntu10.15 |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_tus | — | — |
| redhat | enterprise_linux_server_tus | — | — |
| redhat | enterprise_linux_server_tus | — | — |
| redhat | enterprise_linux_workstation | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.8HIGH