Search CVE reports
1 – 10 of 13 results
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the...
2 affected packages
libslirp, qemu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libslirp | Fixed | Fixed | Fixed | Not in release |
| qemu | Not affected | Not affected | Not affected | Fixed |
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the...
2 affected packages
libslirp, qemu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libslirp | Fixed | Fixed | Fixed | Not in release |
| qemu | Not affected | Not affected | Not affected | Fixed |
Some fixes available 12 of 14
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the...
2 affected packages
libslirp, qemu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libslirp | Fixed | Fixed | Fixed | Not in release |
| qemu | Not affected | Not affected | Not affected | Fixed |
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the...
2 affected packages
qemu, libslirp
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | Not affected | Not affected | Not affected | Fixed |
| libslirp | Fixed | Fixed | Fixed | Not in release |
Some fixes available 18 of 32
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
5 affected packages
libslirp, qemu, qemu-kvm, slirp, slirp4netns
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libslirp | Fixed | Fixed | Fixed | Not in release |
| qemu | Not affected | Not affected | Not affected | Fixed |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
| slirp | Vulnerable | Vulnerable | Vulnerable | Fixed |
| slirp4netns | Not affected | Not affected | Needs evaluation | Not in release |
tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.
3 affected packages
libslirp, qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libslirp | — | — | — | Not in release |
| qemu | — | — | — | Not affected |
| qemu-kvm | — | — | — | Not in release |
Some fixes available 7 of 10
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS...
4 affected packages
slirp, libslirp, qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| slirp | Not affected | Not affected | Not affected | Fixed |
| libslirp | Not affected | Not affected | Not affected | Not in release |
| qemu | Not affected | Not affected | Not affected | Fixed |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
3 affected packages
libslirp, qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libslirp | — | Not affected | Fixed | Not in release |
| qemu | — | Not affected | Not affected | Not affected |
| qemu-kvm | — | Not in release | Not in release | Not in release |
ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
3 affected packages
libslirp, qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libslirp | Not affected | Not affected | Fixed | Not in release |
| qemu | Not affected | Not affected | Not affected | Not affected |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
Some fixes available 15 of 17
A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.
4 affected packages
libslirp, qemu, qemu-kvm, slirp4netns
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libslirp | Fixed | Fixed | Fixed | Not in release |
| qemu | Not affected | Not affected | Not affected | Fixed |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
| slirp4netns | Not affected | Not affected | Needs evaluation | Not in release |