2 matches found
PT-2023-33344 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.227 Description: The issue concerns a use-after-free in the ip6 fragment function. This problem was introduced in version v4.13 and is fixed in Linux Kernel version v5.4.227. The actual impact and attack...
QEMU: slirp: use-after-free in ip_reass() function in ip_input.c
A use-after-free flaw was found in the SLiRP networking implementation of the QEMU emulator. Specifically, this flaw occurs in the ipreass routine while reassembling incoming IP fragments whose combined size is bigger than 65k. This flaw allows an attacker to crash the QEMU process on the host,...