PT-2024-4390 · Qemu+6

Mauro Matteo Cascella · Published 2024-04-10 · Updated 2025-09-12 · CVE-2024-3567

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: QEMU (affected versions not specified)

Description: A flaw was found in QEMU, related to an assertion failure in the update_sctp_checksum() function when calculating the checksum of a short-sized fragmented packet. This issue allows a malicious guest to crash QEMU, causing a denial of service condition. The flaw is present in the hw/net/net_tx_pkt.c file.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Assertion Failure

Weakness Enumeration

Related Identifiers

ALT-PU-2024-7560
ALT-PU-2024-9452
ALT-PU-2024-9806
AZL-43050
BDU:2024-04887
CVE-2024-3567
INFSA-2025_4492
OPENSUSE-SU-2024:13876-1
RHSA-2025:4492
RHSA-2025_4492
SUSE-SU-2025:20011-1
USN-7744-1

Affected Products

Alt Linux
Linuxmint
Qemu
Red Hat
Red Os
Rocky Linux
Ubuntu