Main Vulnerability Database Vulnerabilities #VU6942

Memory corruption in QEMU - CVE-2017-8309

Published: June 6, 2017 / Updated: June 8, 2017

Vulnerability identifier: #VU6942

CSH Severity: Low

CVSS v4.0:

CVE-ID: CVE-2017-8309

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: QEMU

Affected software:
QEMU

Detailed vulnerability description

Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.

How to mitigate CVE-2017-8309

Update to version 2.9.0-r2.

Sources

https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05587.html

Memory corruption in QEMU - CVE-2017-8309

Detailed vulnerability description

How to mitigate CVE-2017-8309

Sources

Please verify you're human