RSS   Vulnerabilities for 'Libslirp'   RSS

2020-02-06
 
CVE-2020-8608

CWE-120
 

 
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.

 
2020-01-16
 
CVE-2020-7039

CWE-787
 

 
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.

 
2019-09-06
 
CVE-2019-15890

CWE-416
 

 
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.

 
2019-07-29
 
CVE-2019-14378

CWE-119
 

 
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.

 


Copyright 2020, cxsecurity.com

 

Back to Top