3 matches found
QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu()
A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the tcpemu routine while emulating IRC and other protocols. An attacker could use this flaw to crash the QEMU process on the host, resulting in a denial of service or potential...
QEMU: Slirp: use-after-free during packet reassembly
A use-after-free issue was found in the SLiRP networking implementation of the QEMU emulator. The issue occurs in ipreass routine while reassembling incoming packets, if the first fragment is bigger than the m-mdat buffer. A user or process could use this flaw to crash the QEMU process on the hos...
QEMU: slirp: heap buffer overflow during packet reassembly
A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the ipreass routine while reassembling incoming packets if the first fragment is bigger than the m-mdat buffer. An attacker could use this flaw to crash the QEMU process on the...