rpm package
suse/qemu&distro=SUSE Linux Enterprise Server 12 SP4-LTSS
pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS
Vulnerabilities (42)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-8608 | — | < 2.11.2-5.32.1 | 2.11.2-5.32.1 | Feb 6, 2020 | In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. | ||
| CVE-2019-15890 | — | < 2.11.2-5.32.1 | 2.11.2-5.32.1 | Sep 6, 2019 | libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. |
- CVE-2020-8608Feb 6, 2020affected < 2.11.2-5.32.1fixed 2.11.2-5.32.1
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
- CVE-2019-15890Sep 6, 2019affected < 2.11.2-5.32.1fixed 2.11.2-5.32.1
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
Page 3 of 3