CVEs (13)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
4Debian FedoraprojectLibslirp Project+1 more4Debian Linux Enterprise LinuxFedora+1 moreNov 21, 2024 Jun 15, 2021 N/A· v4 3.8 LOW· v3 2.1 LOW· v2 An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size o...Show more |
4Debian FedoraprojectLibslirp Project+1 more4Debian Linux Enterprise LinuxFedora+1 moreNov 21, 2024 Jun 15, 2021 N/A· v4 3.8 LOW· v3 2.1 LOW· v2 An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of...Show more |
4Debian FedoraprojectLibslirp Project+1 more4Debian Linux Enterprise LinuxFedora+1 moreNov 21, 2024 Jun 15, 2021 N/A· v4 3.8 LOW· v3 2.1 LOW· v2 An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size o...Show more |
4Debian FedoraprojectLibslirp Project+1 more4Debian Linux Enterprise LinuxFedora+1 moreNov 21, 2024 Jun 15, 2021 N/A· v4 3.8 LOW· v3 2.1 LOW· v2 An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size...Show more |
3Debian FedoraprojectLibslirp Project3Debian Linux FedoraLibslirpNov 21, 2024 Nov 26, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. |
3Debian FedoraprojectLibslirp Project3Debian Linux FedoraLibslirpNov 21, 2024 Nov 26, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. |
5Canonical DebianLibslirp Project+2 more6Debian Linux Enterprise LinuxLeap+3 moreNov 21, 2024 Jul 9, 2020 N/A· v4 6.5 MEDIUM· v3 2.1 LOW· v2 An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping...Show more |
5Canonical DebianFedoraproject+2 more5Debian Linux FedoraLeap+2 moreNov 21, 2024 Apr 22, 2020 N/A· v4 6.5 MEDIUM· v3 2.1 LOW· v2 A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service. |
3Debian Libslirp ProjectOpensuse3Debian Linux LeapLibslirpNov 21, 2024 Feb 6, 2020 N/A· v4 5.6 MEDIUM· v3 6.8 MEDIUM· v2 In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. |
2Libslirp Project Qemu2Libslirp QemuNov 21, 2024 Jan 21, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows. |
4Debian Libslirp ProjectOpensuse+1 more4Debian Linux LeapLibslirp+1 moreNov 21, 2024 Jan 16, 2020 N/A· v4 5.6 MEDIUM· v3 6.8 MEDIUM· v2 tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead...Show more |
2Libslirp Project Qemu2Libslirp QemuNov 21, 2024 Sep 6, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. |
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment. |