logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2020-10756

Description

An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1.


Affected Software


CPE Name Name Version
libslirp_project:libslirp libslirp project libslirp 4.3.1
redhat:openstack redhat openstack 13
redhat:enterprise_linux redhat enterprise linux 7.0
redhat:enterprise_linux redhat enterprise linux 8.0
redhat:enterprise_linux redhat enterprise linux 8.0
canonical:ubuntu_linux canonical ubuntu linux 16.04
canonical:ubuntu_linux canonical ubuntu linux 18.04
canonical:ubuntu_linux canonical ubuntu linux 20.04
debian:debian_linux debian debian linux 9.0
debian:debian_linux debian debian linux 10.0
opensuse:leap opensuse leap 15.0
opensuse:leap opensuse leap 15.1

Related