SUSE SLES12 Security Update : qemu (SUSE-SU-2020:1514-1)

This update for qemu fixes the following issues : Security issues fixed : CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code bsc1166240. CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation bsc1146873. CVE-2020-1983: Fixed a use-after-free in the ipreass...

SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2020:1502-1)

This update for qemu fixes the following issues : Security issue fixed : CVE-2020-1983: Fixed a use-after-free in the ipreass function of slirp bsc1170940. Non-security issues fixed : Fixed an issue where limiting the memory bandwidth was not possible bsc1167816. Fixed the issue that s390x could...

openSUSE: Security Advisory for qemu (openSUSE-SU-2020:0756-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

QEMU: slirp: heap buffer overflow during packet reassembly

A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the ipreass routine while reassembling incoming packets if the first fragment is bigger than the m-mdat buffer. An attacker could use this flaw to crash the QEMU process on the...

SUSE SLES15 Security Update : slirp4netns (SUSE-SU-2020:1197-1)

This update for slirp4netns fixes the following issues : Security issue fixed : CVE-2020-1983: Fixed a use-after-free in ipreass bsc1170940. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

libslirp Memory Misreference Vulnerability

libslirp is a general-purpose TCP-IP emulator for managing virtual network services in a hypervisor. A security vulnerability exists in the 'ipreass' function of the ipinput.c file in libslirp 4.2.0 and earlier versions. An attacker can exploit this vulnerability via specially crafted packets to...

CVE-2020-1983

A use after free vulnerability in ipreass in ipinput.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service...

CVE-2020-1983

A use after free vulnerability in ipreass in ipinput.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service...

DEBIAN-CVE-2020-1983

A use after free vulnerability in ipreass in ipinput.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service...

CVE-2020-1983

A use after free vulnerability in ipreass in ipinput.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service...

Design/Logic Flaw

A use after free vulnerability in ipreass in ipinput.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service...

UBUNTU-CVE-2020-1983

A use after free vulnerability in ipreass in ipinput.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service...

CVE-2020-1983

A use after free vulnerability in ipreass in ipinput.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service...

CVE-2020-1983

CVE-2020-1983 is a use-after-free in SLiRP’s ip_reass() (ip_input.c) affecting libslirp 4.2.0 and earlier, exploitable via crafted IP fragments to crash the QEMU host process (DoS). Connected advisories confirm this in QEMU SLiRP, with remediation by upgrading QEMU/libslirp to fixed releases (e.g...

CVE-2019-14378

A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the ipreass routine while reassembling incoming packets if the first fragment is bigger than the m-mdat buffer. An attacker could use this flaw to crash the QEMU process on the...

QEMU: slirp: heap buffer overflow during packet reassembly

A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the ipreass routine while reassembling incoming packets if the first fragment is bigger than the m-mdat buffer. An attacker could use this flaw to crash the QEMU process on the...

QEMU: slirp: heap buffer overflow during packet reassembly

A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the ipreass routine while reassembling incoming packets if the first fragment is bigger than the m-mdat buffer. An attacker could use this flaw to crash the QEMU process on the...

QEMU: slirp: heap buffer overflow during packet reassembly

A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the ipreass routine while reassembling incoming packets if the first fragment is bigger than the m-mdat buffer. An attacker could use this flaw to crash the QEMU process on the...

QEMU: slirp: heap buffer overflow during packet reassembly

A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the ipreass routine while reassembling incoming packets if the first fragment is bigger than the m-mdat buffer. An attacker could use this flaw to crash the QEMU process on the...

The vulnerability of the ip_reass function in the ip_input.c file of the TCP-IP emulator library Libslirp allows a perpetrator to gain unauthorized access to information, cause service failures, or affect the accessibility of information.

The vulnerability of the ipreass function in the ipinput.c file of the Libslirp TCP-IP emulator’s library is related to the execution of operations within acceptable data buffer limits. Exploiting this vulnerability can allow an attacker to gain unauthorized access to information, cause service...