Lucene search

[email protected]CVE-2019-14378

HistoryJul 29, 2019 - 11:15 a.m.

CVE-2019-14378

2019-07-2911:15:00

CWE-755

CWE-787

[email protected]

web.nvd.nist.gov

321

cve-2019-14378

ip_reass

ip_input.c

libslirp

heap-based buffer overflow

nvd

vulnerability

security

fragmentation

packet handling

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.5%

JSON

ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.

CPENameOperatorVersion
libslirp_project:libslirplibslirp project libslirpeq4.0.0

CPE	Name	Operator	Version
libslirp_project:libslirp	libslirp project libslirp	eq	4.0.0

References

lists.opensuse.org/opensuse-security-announce/2019-09/msg00000.html

lists.opensuse.org/opensuse-security-announce/2019-09/msg00008.html

lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html

packetstormsecurity.com/files/154269/QEMU-Denial-Of-Service.html

www.openwall.com/lists/oss-security/2019/08/01/2

access.redhat.com/errata/RHSA-2019:3179

access.redhat.com/errata/RHSA-2019:3403

access.redhat.com/errata/RHSA-2019:3494

access.redhat.com/errata/RHSA-2019:3742

access.redhat.com/errata/RHSA-2019:3787

access.redhat.com/errata/RHSA-2019:3968

access.redhat.com/errata/RHSA-2019:4344

access.redhat.com/errata/RHSA-2020:0366

access.redhat.com/errata/RHSA-2020:0775

blog.bi0s.in/2019/08/24/Pwn/VM-Escape/2019-07-29-qemu-vm-escape-cve-2019-14378/

gitlab.freedesktop.org/slirp/libslirp/commit/126c04acbabd7ad32c2b018fe10dfac2a3bc1210

lists.debian.org/debian-lts-announce/2019/09/msg00021.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPLHB2AN663OXAWUQURF7J2X5LHD4VD3/

news.ycombinator.com/item?id=20799010

seclists.org/bugtraq/2019/Aug/41

seclists.org/bugtraq/2019/Sep/3

support.f5.com/csp/article/K25423748

support.f5.com/csp/article/K25423748?utm_source=f5support&amp%3Butm_medium=RSS

usn.ubuntu.com/4191-1/

usn.ubuntu.com/4191-2/

www.debian.org/security/2019/dsa-4506

www.debian.org/security/2019/dsa-4512

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.5%

JSON

Related for CVE-2019-14378

prion1 fedora1 nessus55 redhat14 openvas29 ubuntucve1 redhatcve1 amazon2 f51 osv8 veracode1 packetstorm1 zdt1 debiancve1 oraclelinux14 rocky2 centos2 debian3 almalinux2 suse3 ubuntu2 ibm1