Libslirp Security Vulnerabilities and Issues — Libslirp CVE List

Lucene search

Libslirp ProjectLibslirp

3 matches found

CVE•added 2020/07/09 4:15 p.m.•499 views

CVE-2020-10756

An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, r...

6.5CVSS5.9AI score0.00036EPSS

CVE•added 2020/01/16 11:15 p.m.•467 views

CVE-2020-7039

tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.

6.8CVSS6.7AI score0.0102EPSS

CVE•added 2020/02/06 5:15 p.m.•372 views

CVE-2020-8608

In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.

6.8CVSS6.5AI score0.0181EPSS