rpm package
opensuse/libslirp&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/libslirp&distro=openSUSE%20Tumbleweed
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3594 | — | < 4.7.0+44-3.1 | 4.7.0+44-3.1 | Jun 15, 2021 | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bound | ||
| CVE-2021-3592 | — | < 4.7.0+44-3.1 | 4.7.0+44-3.1 | Jun 15, 2021 | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this | ||
| CVE-2020-10756 | — | < 4.6.1+7-1.2 | 4.6.1+7-1.2 | Jul 9, 2020 | An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of | ||
| CVE-2020-1983 | — | < 4.6.1+7-1.2 | 4.6.1+7-1.2 | Apr 22, 2020 | A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service. |
- CVE-2021-3594Jun 15, 2021affected < 4.7.0+44-3.1fixed 4.7.0+44-3.1
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bound
- CVE-2021-3592Jun 15, 2021affected < 4.7.0+44-3.1fixed 4.7.0+44-3.1
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this
- CVE-2020-10756Jul 9, 2020affected < 4.6.1+7-1.2fixed 4.6.1+7-1.2
An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of
- CVE-2020-1983Apr 22, 2020affected < 4.6.1+7-1.2fixed 4.6.1+7-1.2
A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.