qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
2017-08-02T19:29:00.633
2025-04-20T01:37:25.860
Deferred
CVSSv3.1: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | qemu | qemu | ≤ 2.9.1 | Yes |
| Operating System | debian | debian_linux | 8.0 | Yes |
| Operating System | debian | debian_linux | 9.0 | Yes |
| Application | redhat | virtualization | 3.0 | Yes |
| Application | redhat | virtualization | 4.0 | Yes |
| Operating System | redhat | enterprise_linux | 7.0 | No |
| Application | redhat | openstack | 6.0 | Yes |
| Application | redhat | openstack | 7.0 | Yes |
| Application | redhat | openstack | 8 | Yes |
| Application | redhat | openstack | 9 | Yes |
| Application | redhat | openstack | 10 | Yes |
| Application | redhat | openstack | 11 | Yes |
| Operating System | redhat | enterprise_linux_desktop | 7.0 | Yes |
| Operating System | redhat | enterprise_linux_eus | 7.4 | Yes |
| Operating System | redhat | enterprise_linux_eus | 7.5 | Yes |
| Operating System | redhat | enterprise_linux_eus | 7.6 | Yes |
| Operating System | redhat | enterprise_linux_eus | 7.7 | Yes |
| Operating System | redhat | enterprise_linux_server | 7.0 | Yes |
| Operating System | redhat | enterprise_linux_server_aus | 7.4 | Yes |
| Operating System | redhat | enterprise_linux_server_aus | 7.6 | Yes |
| Operating System | redhat | enterprise_linux_server_aus | 7.7 | Yes |
| Operating System | redhat | enterprise_linux_server_tus | 7.4 | Yes |
| Operating System | redhat | enterprise_linux_server_tus | 7.6 | Yes |
| Operating System | redhat | enterprise_linux_server_tus | 7.7 | Yes |
| Operating System | redhat | enterprise_linux_workstation | 7.0 | Yes |