14 matches found
MiracleLinux 7 : qemu-kvm-1.5.3-160.el7.3 (AXSA:2019-3944:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3944:03 advisory. QEMU: slirp: heap buffer overflow in tcpemu CVE-2019-6778 Tenable has extracted the preceding description block directly from the MiracleLinux security...
tcp_emu in tcp_subr.c in libslirp 4.1.0 as used in QEMU 4.2.0 mismanages memory as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.
...
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcpemu routine while emulating IRC and other protocols due to unsafe usage of the snprintf3 function. A user or process could use this flaw to crash the QEMU process...
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcpemu routine while emulating IRC and other protocols due to unsafe usage of the snprintf3 function. A user or process could use this flaw to crash the QEMU process...
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcpemu routine while emulating IRC and other protocols due to unsafe usage of the snprintf3 function. A user or process could use this flaw to crash the QEMU process...
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcpemu routine while emulating IRC and other protocols due to unsafe usage of the snprintf3 function. A user or process could use this flaw to crash the QEMU process...
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcpemu routine while emulating IRC and other protocols due to unsafe usage of the snprintf3 function. A user or process could use this flaw to crash the QEMU process...
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcpemu routine while emulating IRC and other protocols due to unsafe usage of the snprintf3 function. A user or process could use this flaw to crash the QEMU process...
DEBIAN-CVE-2020-7039
tcpemu in tcpsubr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMUIRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code...
UBUNTU-CVE-2020-7039
tcpemu in tcpsubr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMUIRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code...
PT-2020-2007 · Qemu +9 · Qemu +9
Name of the Vulnerable Software and Affected Versions: QEMU versions 4.2.0 libslirp version 4.1.0 Description: The issue is related to a memory management error in the tcp emu function of the QEMU software, which can be exploited by a remote attacker to access confidential data, compromise data...
QEMU: slirp: information leakage in tcp_emu() due to uninitialized stack variables
tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure...
QEMU: slirp: information leakage in tcp_emu() due to uninitialized stack variables
tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure...
QEMU Information Disclosure Vulnerability (CNVD-2019-07886)
QEMU Quick Emulator is a set of simulation processor software by French software developer Fabrice Bellard. The software is fast, cross-platform and other characteristics. A security vulnerability exists in the 'tcpemu' program of SLiRP in QEMU. A local attacker can exploit the vulnerability to...