Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Libslirp Project Subscribe
Filtered by product Libslirp

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-10756 5 Canonical, Debian, Libslirp Project and 2 more 6 Ubuntu Linux, Debian Linux, Libslirp and 3 more 2021-08-04 2.1 LOW 6.5 MEDIUM
An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1.
CVE-2020-29130 3 Debian, Fedoraproject, Libslirp Project 3 Debian Linux, Fedora, Libslirp 2021-02-24 4.0 MEDIUM 4.3 MEDIUM
slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
CVE-2020-7039 4 Debian, Libslirp Project, Opensuse and 1 more 4 Debian Linux, Libslirp, Leap and 1 more 2021-02-14 6.8 MEDIUM 5.6 MEDIUM
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.
CVE-2020-8608 3 Debian, Libslirp Project, Opensuse 3 Debian Linux, Libslirp, Leap 2021-02-14 6.8 MEDIUM 5.6 MEDIUM
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
CVE-2020-29129 1 Libslirp Project 1 Libslirp 2020-12-13 4.0 MEDIUM 4.3 MEDIUM
ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
CVE-2020-1983 3 Fedoraproject, Libslirp Project, Opensuse 3 Fedora, Libslirp, Leap 2020-07-26 2.1 LOW 6.5 MEDIUM
A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.