CVE-2019-6778

Name of the Vulnerable Software and Affected Versions QEMU version 3.0.0

Description The issue is related to a heap-based buffer overflow in the tcp emu function within the slirp/tcp subr.c file of the QEMU emulator. This overflow is associated with the sc rcv->sb data buffer. Exploitation of this issue may allow an attacker to cause a denial of service.

Recommendations For QEMU version 3.0.0, as a temporary workaround, consider disabling the tcp emu function until a patch is available. Restrict access to the slirp/tcp subr.c module to minimize the risk of exploitation. Avoid using the sc rcv->sb data buffer in the affected TCP/IP emulation until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.