rpm package
suse/qemu&distro=SUSE OpenStack Cloud 9
pkg:rpm/suse/qemu&distro=SUSE%20OpenStack%20Cloud%209
Vulnerabilities (42)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-8608 | Med | 5.6 | < 2.11.2-5.32.1 | 2.11.2-5.32.1 | Feb 6, 2020 | In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. | |
| CVE-2019-15890 | Hig | 7.5 | < 2.11.2-5.32.1 | 2.11.2-5.32.1 | Sep 6, 2019 | libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. |
- affected < 2.11.2-5.32.1fixed 2.11.2-5.32.1
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
- affected < 2.11.2-5.32.1fixed 2.11.2-5.32.1
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
Page 3 of 3