12 matches found
Rocky Linux 8 : container-tools:rhel8 (RLSA-2020:1379)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:1379 advisory. - In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code. CVE-2020-8608 Note that Nessus...
SUSE CVE-2020-8608
In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code...
AlmaLinux 8 : virt:rhel (ALSA-2020:2774)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:2774 advisory. QEMU: Slirp: potential OOB access due to unsafe snprintf usages CVE-2020-8608 QEMU: vnc: memory leakage upon disconnect CVE-2019-20382 Tenable has extract...
Oracle Linux 8 : virt:ol (ELSA-2020-2774)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-2774 advisory. - Resolves: bz1816763 CVE-2019-20382 virt:rhel/qemu-kvm: QEMU: vnc: memory leakage upon disconnect rhel-8 Tenable has extracted the preceding descripti...
CVE-2020-8608
In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code...
DEBIAN-CVE-2020-8608
In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code...
Debian DLA-2090-1 : qemu security update
tcpemu in tcpsubr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanag es memory, as demonstrated by IRC DCC commands in EMUIRC. This can cause a heap-based buffer overflow or other out-of-bounds acces s which can lead to a DoS or potential execute arbitrary code. For Debian 8 'Jessie', this...
Directory traversal
tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows...
CVE-2020-7211
tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows...
CVE-2020-7211
CVE-2020-7211 affects tftp.c in libslirp 4.1.0 (used by QEMU 4.2.0), which does not prevent a ..\ directory traversal on Windows. This vulnerability allows accessing unintended files via crafted paths. Connected docs list the same CVE in various advisories, but do not provide a published patch/mi...
CVE-2020-7039
tcpemu in tcpsubr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMUIRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code...
CVE-2020-7039
tcpemu in tcpsubr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMUIRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code...