Improper i/o watch removal in tls handshake can lead to remote unauthenticated denial of service
A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.
Affected products
Matching in nixpkgs
pkgs.qemu
Generic and open source machine emulator and virtualizer
-
nixos-unstable -
- nixpkgs-unstable 10.1.0
pkgs.qemu_kvm
Generic and open source machine emulator and virtualizer
-
nixos-unstable -
- nixpkgs-unstable 10.1.0
pkgs.qemu_xen
Generic and open source machine emulator and virtualizer
-
nixos-unstable -
- nixpkgs-unstable 10.1.0
pkgs.qemu-user
QEMU User space emulator - launch executables compiled for one CPU on another CPU
-
nixos-unstable -
- nixpkgs-unstable 10.1.0
pkgs.qemu_full
Generic and open source machine emulator and virtualizer
-
nixos-unstable -
- nixpkgs-unstable 10.1.0
pkgs.qemu_test
Generic and open source machine emulator and virtualizer
-
nixos-unstable -
- nixpkgs-unstable 10.1.0
pkgs.qemu-utils
Generic and open source machine emulator and virtualizer
-
nixos-unstable -
- nixpkgs-unstable 10.1.0
pkgs.canokey-qemu
CanoKey QEMU Virt Card
-
nixos-unstable -
- nixpkgs-unstable 0-unstable-2023-06-06
pkgs.ubootQemuX86
Boot loader for embedded systems
-
nixos-unstable -
- nixpkgs-unstable x86_defconfig-2025.07
pkgs.ubootQemuX86_64
Boot loader for embedded systems
-
nixos-unstable -
- nixpkgs-unstable x86_64_defconfig-2025.07
pkgs.ubootQemuAarch64
Boot loader for embedded systems
-
nixos-unstable -
- nixpkgs-unstable qemu_arm64_defconfig-2025.07
pkgs.qemu-python-utils
Python tooling used by the QEMU project to build, configure, and test QEMU
-
nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1
pkgs.armTrustedFirmwareQemu
Reference implementation of secure world software for ARMv8-A
-
nixos-unstable -
- nixpkgs-unstable 2.13.0
pkgs.python312Packages.qemu
Python tooling used by the QEMU project to build, configure, and test QEMU
-
nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1
pkgs.python313Packages.qemu
Python tooling used by the QEMU project to build, configure, and test QEMU
-
nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1
pkgs.python312Packages.qemu-qmp
Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers
-
nixos-unstable -
- nixpkgs-unstable 0.0.3
pkgs.python313Packages.qemu-qmp
Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers
-
nixos-unstable -
- nixpkgs-unstable 0.0.3
Package maintainers
-
@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>
-
@oxalica oxalica <oxalicc@pm.me>
-
@devplayer0 Jack O'Sullivan <dev@nul.ie>
-
@DavHau David Hauer <d.hauer.it@gmail.com>
-
@brianmcgillion Brian McGillion <bmg.avoin@gmail.com>
-
@alyssais Alyssa Ross <hi@alyssa.is>
-
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>
-
@hehongbo Hongbo
-
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
-
@dezgeg Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>