Predictable Temporary File Names in QEMU's slirp_smb Function

Predictable Temporary File Names in QEMU's slirp_smb Function

CVE-2015-4037 · LOW Severity

AV:L/AC:M/AU:N/C:N/I:N/A:P

The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.

Learn more about our User Device Pen Test.