Search CVE reports
11 – 13 of 13 results
Some fixes available 2 of 5
An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This...
4 affected packages
libslirp, qemu, qemu-kvm, slirp4netns
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libslirp | Not affected | Not affected | Fixed | Not in release |
| qemu | Not affected | Not affected | Not affected | Fixed |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
| slirp4netns | Not affected | Not affected | Vulnerable | Not in release |
Some fixes available 16 of 147
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
20 affected packages
android, libslirp, vde2, virtualbox, basilisk2...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| android | Not in release | Not in release | Not in release | Not in release |
| libslirp | Not affected | Not affected | Not affected | Not in release |
| vde2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| virtualbox | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| basilisk2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| bochs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| fs-uae | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ns3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| qemu | Fixed | Fixed | Fixed | Fixed |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
| qemu-kvm-spice | Not in release | Not in release | Not in release | Not in release |
| qemu-linaro | Not in release | Not in release | Not in release | Not in release |
| slirp | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| virtualbox-hwe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xen | Not affected | Not affected | Not affected | Not affected |
| redboot-imx | Not in release | Not in release | Not in release | Needs evaluation |
| slirp4netns | Not affected | Not affected | Not affected | Not in release |
| virtualbox-lts-vivid | Not in release | Not in release | Not in release | Not in release |
| virtualbox-lts-wily | Not in release | Not in release | Not in release | Not in release |
| virtualbox-lts-xenial | Not in release | Not in release | Not in release | Not in release |
Some fixes available 16 of 99
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
13 affected packages
fs-uae, libslirp, qemu, basilisk2, bochs...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| fs-uae | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libslirp | Not affected | Not affected | Not affected | Not in release |
| qemu | Fixed | Fixed | Fixed | Fixed |
| basilisk2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| bochs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| slirp | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| vde2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| xen | Not affected | Not affected | Not affected | Not affected |
| android | Not in release | Not in release | Not in release | Not in release |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
| qemu-kvm-spice | Not in release | Not in release | Not in release | Not in release |
| qemu-linaro | Not in release | Not in release | Not in release | Not in release |
| slirp4netns | Not affected | Not affected | Not affected | Not in release |