CVE search results

11 – 13 of 13 results

Detailed view

Sort by:

CVE-2020-7039

Medium priority

Some fixes available 7 of 10

tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS...

4 affected packages

slirp, libslirp, qemu, qemu-kvm

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
slirp	—	Not affected	Not affected	Not affected	Fixed
libslirp	—	Not affected	Not affected	Not affected	Not in release
qemu	—	Not affected	Not affected	Not affected	Fixed
qemu-kvm	—	Not in release	Not in release	Not in release	Not in release

CVE-2019-15890

Low priority

Some fixes available 18 of 135

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.

20 affected packages

vde2, android, libslirp, virtualbox, basilisk2...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
vde2	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored
android	Not in release	Not in release	Not in release	Not in release	Not in release
libslirp	Not affected	Not affected	Not affected	Not affected	Not in release
virtualbox	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored
basilisk2	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored
bochs	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored
fs-uae	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored
ns3	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored
qemu	Fixed	Fixed	Fixed	Fixed	Fixed
qemu-kvm	Not in release	Not in release	Not in release	Not in release	Not in release
qemu-kvm-spice	Not in release	Not in release	Not in release	Not in release	Not in release
qemu-linaro	Not in release	Not in release	Not in release	Not in release	Not in release
slirp	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored
virtualbox-hwe	Not in release	Needs evaluation	Needs evaluation	Ignored	Ignored
xen	Not affected	Not affected	Not affected	Not affected	Not affected
redboot-imx	Not in release	Not in release	Not in release	Not in release	Ignored
slirp4netns	Not affected	Not affected	Not affected	Not affected	Not in release
virtualbox-lts-vivid	Not in release	Not in release	Not in release	Not in release	Not in release
virtualbox-lts-wily	Not in release	Not in release	Not in release	Not in release	Not in release
virtualbox-lts-xenial	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2019-14378

Low priority

Some fixes available 18 of 94

ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.

13 affected packages

fs-uae, libslirp, qemu, basilisk2, bochs...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
fs-uae	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored
libslirp	Not affected	Not affected	Not affected	Not affected	Not in release
qemu	Fixed	Fixed	Fixed	Fixed	Fixed
basilisk2	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored
bochs	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored
slirp	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored
vde2	Needs evaluation	Needs evaluation	Needs evaluation	Ignored	Ignored
xen	Not affected	Not affected	Not affected	Not affected	Not affected
android	Not in release	Not in release	Not in release	Not in release	Not in release
qemu-kvm	Not in release	Not in release	Not in release	Not in release	Not in release
qemu-kvm-spice	Not in release	Not in release	Not in release	Not in release	Not in release
qemu-linaro	Not in release	Not in release	Not in release	Not in release	Not in release
slirp4netns	Not affected	Not affected	Not affected	Not affected	Not in release

Export to JSON

Results by page:

Search CVE reports