CVE search results

11 – 13 of 13 results

Detailed view

Sort by:

CVE-2020-7039

Medium priority

Some fixes available 6 of 10

tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS...

4 affected packages

libslirp, qemu, qemu-kvm, slirp

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
libslirp	Not affected	Not affected	Not affected	Not in release	Not in release
qemu	Not affected	Not affected	Not affected	Fixed	Fixed
qemu-kvm	Not in release	Not in release	Not in release	Not in release	Not in release
slirp	Not affected	Not affected	Not affected	Fixed	Fixed

CVE-2019-15890

Low priority

Some fixes available 14 of 130

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.

20 affected packages

android, basilisk2, bochs, fs-uae, libslirp...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
android	Not in release	Not in release	Not in release	Not in release	Needs evaluation
basilisk2	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
bochs	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
fs-uae	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libslirp	Not affected	Not affected	Not affected	Not in release	Not in release
ns3	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
qemu	Fixed	Fixed	Fixed	Fixed	Fixed
qemu-kvm	Not in release	Not in release	Not in release	Not in release	Not in release
qemu-kvm-spice	Not in release	Not in release	Not in release	Not in release	Not in release
qemu-linaro	Not in release	Not in release	Not in release	Not in release	Not in release
redboot-imx	Not in release	Not in release	Not in release	Needs evaluation	Needs evaluation
slirp	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
slirp4netns	Not affected	Not affected	Not affected	Not in release	Not in release
vde2	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
virtualbox	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
virtualbox-hwe	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
virtualbox-lts-vivid	Not in release	Not in release	Not in release	Not in release	Not in release
virtualbox-lts-wily	Not in release	Not in release	Not in release	Not in release	Not in release
virtualbox-lts-xenial	Not in release	Not in release	Not in release	Not in release	Not in release
xen	Not affected	Not affected	Not affected	Not affected	Not affected

CVE-2019-14378

Low priority

Some fixes available 14 of 87

ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.

13 affected packages

android, basilisk2, bochs, fs-uae, libslirp...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
android	Not in release	Not in release	Not in release	Not in release	Needs evaluation
basilisk2	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
bochs	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
fs-uae	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libslirp	Not affected	Not affected	Not affected	Not in release	Not in release
qemu	Fixed	Fixed	Fixed	Fixed	Fixed
qemu-kvm	Not in release	Not in release	Not in release	Not in release	Not in release
qemu-kvm-spice	Not in release	Not in release	Not in release	Not in release	Not in release
qemu-linaro	Not in release	Not in release	Not in release	Not in release	Not in release
slirp	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
slirp4netns	Not affected	Not affected	Not affected	Not in release	Not in release
vde2	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
xen	Not affected	Not affected	Not affected	Not affected	Not affected

Export to JSON

Results by page:

Search CVE reports