csaf_suse - suse-su-2020:14396-1

suse-su-2020:14396-1

Vulnerability from csaf_suse

Published

2020-06-11 13:23

Modified

2020-06-11 13:23

Summary

Security update for kvm

Notes

Title of the patch

Security update for kvm

Description of the patch

This update for kvm fixes the following issues: Security issues fixed: - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation (bsc#1146873). - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp (bsc#1170940). - CVE-2020-8608: Fixed a potential OOB access in slirp (bsc#1163018). - CVE-2020-7039: Fixed a potential OOB access in slirp (bsc#1161066). - CVE-2019-15890: Fixed a use-after-free during packet reassembly in slirp (bsc#1149811). - Fixed multiple potential DoS issues in SLIRP, similar to CVE-2019-6778 (bsc#1123156).

Patchnames

slessp4-kvm-14396

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for kvm",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for kvm fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation (bsc#1146873).\n- CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp (bsc#1170940).\n- CVE-2020-8608: Fixed a potential OOB access in slirp (bsc#1163018).\n- CVE-2020-7039: Fixed a potential OOB access in slirp (bsc#1161066).\n- CVE-2019-15890: Fixed a use-after-free during packet reassembly in slirp (bsc#1149811).\n- Fixed multiple potential DoS issues in SLIRP, similar to CVE-2019-6778 (bsc#1123156).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "slessp4-kvm-14396",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_14396-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2020:14396-1",
        "url": "https://www.suse.com/support/update/announcement/2020/suse-su-202014396-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2020:14396-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2020-June/006934.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1123156",
        "url": "https://bugzilla.suse.com/1123156"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1146873",
        "url": "https://bugzilla.suse.com/1146873"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1149811",
        "url": "https://bugzilla.suse.com/1149811"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1161066",
        "url": "https://bugzilla.suse.com/1161066"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1163018",
        "url": "https://bugzilla.suse.com/1163018"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1170940",
        "url": "https://bugzilla.suse.com/1170940"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-12068 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-12068/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-15890 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-15890/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-6778 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-6778/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-1983 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-1983/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-7039 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-7039/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-8608 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-8608/"
      }
    ],
    "title": "Security update for kvm",
    "tracking": {
      "current_release_date": "2020-06-11T13:23:22Z",
      "generator": {
        "date": "2020-06-11T13:23:22Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2020:14396-1",
      "initial_release_date": "2020-06-11T13:23:22Z",
      "revision_history": [
        {
          "date": "2020-06-11T13:23:22Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kvm-1.4.2-60.31.1.i586",
                "product": {
                  "name": "kvm-1.4.2-60.31.1.i586",
                  "product_id": "kvm-1.4.2-60.31.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kvm-1.4.2-60.31.1.s390x",
                "product": {
                  "name": "kvm-1.4.2-60.31.1.s390x",
                  "product_id": "kvm-1.4.2-60.31.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kvm-1.4.2-60.31.1.x86_64",
                "product": {
                  "name": "kvm-1.4.2-60.31.1.x86_64",
                  "product_id": "kvm-1.4.2-60.31.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse_sles:11:sp4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kvm-1.4.2-60.31.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586"
        },
        "product_reference": "kvm-1.4.2-60.31.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kvm-1.4.2-60.31.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x"
        },
        "product_reference": "kvm-1.4.2-60.31.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kvm-1.4.2-60.31.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
        },
        "product_reference": "kvm-1.4.2-60.31.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-12068",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-12068"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances \u0027s-\u003edsp\u0027 index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-12068",
          "url": "https://www.suse.com/security/cve/CVE-2019-12068"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1146873 for CVE-2019-12068",
          "url": "https://bugzilla.suse.com/1146873"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1146874 for CVE-2019-12068",
          "url": "https://bugzilla.suse.com/1146874"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2019-12068",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-06-11T13:23:22Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-12068"
    },
    {
      "cve": "CVE-2019-15890",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-15890"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-15890",
          "url": "https://www.suse.com/security/cve/CVE-2019-15890"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149811 for CVE-2019-15890",
          "url": "https://bugzilla.suse.com/1149811"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149813 for CVE-2019-15890",
          "url": "https://bugzilla.suse.com/1149813"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2019-15890",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-06-11T13:23:22Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2019-15890"
    },
    {
      "cve": "CVE-2019-6778",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-6778"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-6778",
          "url": "https://www.suse.com/security/cve/CVE-2019-6778"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123156 for CVE-2019-6778",
          "url": "https://bugzilla.suse.com/1123156"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1123157 for CVE-2019-6778",
          "url": "https://bugzilla.suse.com/1123157"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178658 for CVE-2019-6778",
          "url": "https://bugzilla.suse.com/1178658"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-06-11T13:23:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-6778"
    },
    {
      "cve": "CVE-2020-1983",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-1983"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-1983",
          "url": "https://www.suse.com/security/cve/CVE-2020-1983"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1170940 for CVE-2020-1983",
          "url": "https://bugzilla.suse.com/1170940"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-06-11T13:23:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2020-1983"
    },
    {
      "cve": "CVE-2020-7039",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-7039"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-7039",
          "url": "https://www.suse.com/security/cve/CVE-2020-7039"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1161066 for CVE-2020-7039",
          "url": "https://bugzilla.suse.com/1161066"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-06-11T13:23:22Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-7039"
    },
    {
      "cve": "CVE-2020-8608",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-8608"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-8608",
          "url": "https://www.suse.com/security/cve/CVE-2020-8608"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1163018 for CVE-2020-8608",
          "url": "https://bugzilla.suse.com/1163018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1163019 for CVE-2020-8608",
          "url": "https://bugzilla.suse.com/1163019"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.i586",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4-LTSS:kvm-1.4.2-60.31.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2020-06-11T13:23:22Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-8608"
    }
  ]
}

CVE-2020-8608 (GCVE-0-2020-8608)

Vulnerability from cvelistv5

Published

2020-02-06 16:45

Modified

2024-08-04 10:03

Severity ?

CWE

Summary

In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.

References

▼	URL	Tags
	https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843	x_refsource_MISC
	https://www.openwall.com/lists/oss-security/2020/02/06/2	x_refsource_MISC
	https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0	x_refsource_MISC
	https://usn.ubuntu.com/4283-1/	vendor-advisory, x_refsource_UBUNTU
	https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html	mailing-list, x_refsource_MLIST
	https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html	mailing-list, x_refsource_MLIST
	https://security.gentoo.org/glsa/202003-66	vendor-advisory, x_refsource_GENTOO
	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html	vendor-advisory, x_refsource_SUSE
	https://www.debian.org/security/2020/dsa-4733	vendor-advisory, x_refsource_DEBIAN
	https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html	mailing-list, x_refsource_MLIST
	https://security.netapp.com/advisory/ntap-20201001-0002/	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T10:03:46.311Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"
          },
          {
            "name": "USN-4283-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4283-1/"
          },
          {
            "name": "[debian-lts-announce] 20200313 [SECURITY] [DLA 2142-1] slirp security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"
          },
          {
            "name": "[debian-lts-announce] 20200316 [SECURITY] [DLA 2144-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"
          },
          {
            "name": "GLSA-202003-66",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202003-66"
          },
          {
            "name": "openSUSE-SU-2020:0468",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
          },
          {
            "name": "DSA-4733",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4733"
          },
          {
            "name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20201001-0002/"
          },
          {
            "name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-09T23:06:12",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"
        },
        {
          "name": "USN-4283-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4283-1/"
        },
        {
          "name": "[debian-lts-announce] 20200313 [SECURITY] [DLA 2142-1] slirp security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"
        },
        {
          "name": "[debian-lts-announce] 20200316 [SECURITY] [DLA 2144-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"
        },
        {
          "name": "GLSA-202003-66",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202003-66"
        },
        {
          "name": "openSUSE-SU-2020:0468",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
        },
        {
          "name": "DSA-4733",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4733"
        },
        {
          "name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20201001-0002/"
        },
        {
          "name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-8608",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843",
              "refsource": "MISC",
              "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"
            },
            {
              "name": "https://www.openwall.com/lists/oss-security/2020/02/06/2",
              "refsource": "MISC",
              "url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"
            },
            {
              "name": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0",
              "refsource": "MISC",
              "url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"
            },
            {
              "name": "USN-4283-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4283-1/"
            },
            {
              "name": "[debian-lts-announce] 20200313 [SECURITY] [DLA 2142-1] slirp security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"
            },
            {
              "name": "[debian-lts-announce] 20200316 [SECURITY] [DLA 2144-1] qemu security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"
            },
            {
              "name": "GLSA-202003-66",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202003-66"
            },
            {
              "name": "openSUSE-SU-2020:0468",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
            },
            {
              "name": "DSA-4733",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4733"
            },
            {
              "name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20201001-0002/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20201001-0002/"
            },
            {
              "name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-8608",
    "datePublished": "2020-02-06T16:45:25",
    "dateReserved": "2020-02-04T00:00:00",
    "dateUpdated": "2024-08-04T10:03:46.311Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-1983 (GCVE-0-2020-1983)

Vulnerability from cvelistv5

Published

2020-04-22 19:30

Modified

2024-09-16 19:41

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-416 - Use After Free

Summary

A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.

References

▼	URL	Tags
	https://gitlab.freedesktop.org/slirp/libslirp/-/issues/20	x_refsource_MISC
	https://gitlab.freedesktop.org/slirp/libslirp/-/commit/9ac0371bb8c0a40f5d9f82a1c25129660e81df04	x_refsource_MISC
	https://www.debian.org/security/2020/dsa-4665	vendor-advisory, x_refsource_DEBIAN
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWFD4MWV3YWIHVHSA2F7FKOLJFL4PHOX/	vendor-advisory, x_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NKT2MTSINE4NUPG5L6BYH6N23NBNITOL/	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00022.html	vendor-advisory, x_refsource_SUSE
	https://usn.ubuntu.com/4372-1/	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00001.html	vendor-advisory, x_refsource_SUSE
	https://lists.debian.org/debian-lts-announce/2020/06/msg00032.html	mailing-list, x_refsource_MLIST
	https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	slirp	libslirp	Version: unspecified <

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.401Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gitlab.freedesktop.org/slirp/libslirp/-/issues/20"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gitlab.freedesktop.org/slirp/libslirp/-/commit/9ac0371bb8c0a40f5d9f82a1c25129660e81df04"
          },
          {
            "name": "DSA-4665",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4665"
          },
          {
            "name": "FEDORA-2020-30c45be10c",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWFD4MWV3YWIHVHSA2F7FKOLJFL4PHOX/"
          },
          {
            "name": "FEDORA-2020-1608d52724",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NKT2MTSINE4NUPG5L6BYH6N23NBNITOL/"
          },
          {
            "name": "openSUSE-SU-2020:0636",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00022.html"
          },
          {
            "name": "USN-4372-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4372-1/"
          },
          {
            "name": "openSUSE-SU-2020:0756",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00001.html"
          },
          {
            "name": "[debian-lts-announce] 20200629 [SECURITY] [DLA 2262-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00032.html"
          },
          {
            "name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "libslirp",
          "vendor": "slirp",
          "versions": [
            {
              "lessThanOrEqual": "4.2.0",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Aviv Sasson of Palo Alto Networks."
        }
      ],
      "datePublic": "2020-04-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "A public proof of concept is available."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416 Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-26T13:06:09",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.freedesktop.org/slirp/libslirp/-/issues/20"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.freedesktop.org/slirp/libslirp/-/commit/9ac0371bb8c0a40f5d9f82a1c25129660e81df04"
        },
        {
          "name": "DSA-4665",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4665"
        },
        {
          "name": "FEDORA-2020-30c45be10c",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWFD4MWV3YWIHVHSA2F7FKOLJFL4PHOX/"
        },
        {
          "name": "FEDORA-2020-1608d52724",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NKT2MTSINE4NUPG5L6BYH6N23NBNITOL/"
        },
        {
          "name": "openSUSE-SU-2020:0636",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00022.html"
        },
        {
          "name": "USN-4372-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4372-1/"
        },
        {
          "name": "openSUSE-SU-2020:0756",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00001.html"
        },
        {
          "name": "[debian-lts-announce] 20200629 [SECURITY] [DLA 2262-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00032.html"
        },
        {
          "name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
        }
      ],
      "source": {
        "defect": [
          "20"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "libslirp: use after free vulnerability cause a denial of service.",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-04-20T20:28:00.000Z",
          "ID": "CVE-2020-1983",
          "STATE": "PUBLIC",
          "TITLE": "libslirp: use after free vulnerability cause a denial of service."
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "libslirp",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_value": "4.2.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "slirp"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered by Aviv Sasson of Palo Alto Networks."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "A public proof of concept is available."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-416 Use After Free"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://gitlab.freedesktop.org/slirp/libslirp/-/issues/20",
              "refsource": "MISC",
              "url": "https://gitlab.freedesktop.org/slirp/libslirp/-/issues/20"
            },
            {
              "name": "https://gitlab.freedesktop.org/slirp/libslirp/-/commit/9ac0371bb8c0a40f5d9f82a1c25129660e81df04",
              "refsource": "MISC",
              "url": "https://gitlab.freedesktop.org/slirp/libslirp/-/commit/9ac0371bb8c0a40f5d9f82a1c25129660e81df04"
            },
            {
              "name": "DSA-4665",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4665"
            },
            {
              "name": "FEDORA-2020-30c45be10c",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWFD4MWV3YWIHVHSA2F7FKOLJFL4PHOX/"
            },
            {
              "name": "FEDORA-2020-1608d52724",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKT2MTSINE4NUPG5L6BYH6N23NBNITOL/"
            },
            {
              "name": "openSUSE-SU-2020:0636",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00022.html"
            },
            {
              "name": "USN-4372-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4372-1/"
            },
            {
              "name": "openSUSE-SU-2020:0756",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00001.html"
            },
            {
              "name": "[debian-lts-announce] 20200629 [SECURITY] [DLA 2262-1] qemu security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00032.html"
            },
            {
              "name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
            }
          ]
        },
        "source": {
          "defect": [
            "20"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1983",
    "datePublished": "2020-04-22T19:30:14.844095Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T19:41:29.761Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-15890 (GCVE-0-2019-15890)

Vulnerability from cvelistv5

Published

2019-09-06 16:55

Modified

2024-08-05 01:03

Severity ?

CWE

Summary

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.

References

▼	URL	Tags
	https://gitlab.freedesktop.org/slirp/libslirp/commit/c5927943	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2019/09/06/3	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html	mailing-list, x_refsource_MLIST
	https://usn.ubuntu.com/4191-2/	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html	vendor-advisory, x_refsource_SUSE
	https://usn.ubuntu.com/4191-1/	vendor-advisory, x_refsource_UBUNTU
	https://seclists.org/bugtraq/2020/Feb/0	mailing-list, x_refsource_BUGTRAQ
	https://www.debian.org/security/2020/dsa-4616	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2020:0775	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:03:31.933Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/c5927943"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/09/06/3"
          },
          {
            "name": "[debian-lts-announce] 20190920 [SECURITY] [DLA 1927-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html"
          },
          {
            "name": "USN-4191-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4191-2/"
          },
          {
            "name": "openSUSE-SU-2019:2510",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html"
          },
          {
            "name": "USN-4191-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4191-1/"
          },
          {
            "name": "20200203 [SECURITY] [DSA 4616-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2020/Feb/0"
          },
          {
            "name": "DSA-4616",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4616"
          },
          {
            "name": "RHSA-2020:0775",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0775"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-11T11:06:28",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/c5927943"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/09/06/3"
        },
        {
          "name": "[debian-lts-announce] 20190920 [SECURITY] [DLA 1927-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html"
        },
        {
          "name": "USN-4191-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4191-2/"
        },
        {
          "name": "openSUSE-SU-2019:2510",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html"
        },
        {
          "name": "USN-4191-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4191-1/"
        },
        {
          "name": "20200203 [SECURITY] [DSA 4616-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2020/Feb/0"
        },
        {
          "name": "DSA-4616",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4616"
        },
        {
          "name": "RHSA-2020:0775",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0775"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-15890",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://gitlab.freedesktop.org/slirp/libslirp/commit/c5927943",
              "refsource": "MISC",
              "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/c5927943"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2019/09/06/3",
              "refsource": "CONFIRM",
              "url": "http://www.openwall.com/lists/oss-security/2019/09/06/3"
            },
            {
              "name": "[debian-lts-announce] 20190920 [SECURITY] [DLA 1927-1] qemu security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html"
            },
            {
              "name": "USN-4191-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4191-2/"
            },
            {
              "name": "openSUSE-SU-2019:2510",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html"
            },
            {
              "name": "USN-4191-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4191-1/"
            },
            {
              "name": "20200203 [SECURITY] [DSA 4616-1] qemu security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2020/Feb/0"
            },
            {
              "name": "DSA-4616",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4616"
            },
            {
              "name": "RHSA-2020:0775",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0775"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-15890",
    "datePublished": "2019-09-06T16:55:12",
    "dateReserved": "2019-09-03T00:00:00",
    "dateUpdated": "2024-08-05T01:03:31.933Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-12068 (GCVE-0-2019-12068)

Vulnerability from cvelistv5

Published

2019-09-24 19:59

Modified

2024-08-04 23:10

Severity ?

CWE

Summary

In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well.

References

▼	URL	Tags
	https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html	mailing-list, x_refsource_MLIST
	https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01518.html	x_refsource_MISC
	https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=de594e47659029316bbf9391efb79da0a1a08e08	x_refsource_MISC
	https://security-tracker.debian.org/tracker/CVE-2019-12068	x_refsource_MISC
	https://usn.ubuntu.com/4191-2/	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00038.html	vendor-advisory, x_refsource_SUSE
	https://usn.ubuntu.com/4191-1/	vendor-advisory, x_refsource_UBUNTU
	https://www.debian.org/security/2020/dsa-4665	vendor-advisory, x_refsource_DEBIAN
	https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:10:30.158Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20190920 [SECURITY] [DLA 1927-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01518.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=de594e47659029316bbf9391efb79da0a1a08e08"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2019-12068"
          },
          {
            "name": "USN-4191-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4191-2/"
          },
          {
            "name": "openSUSE-SU-2019:2510",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html"
          },
          {
            "name": "openSUSE-SU-2019:2505",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00038.html"
          },
          {
            "name": "USN-4191-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4191-1/"
          },
          {
            "name": "DSA-4665",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4665"
          },
          {
            "name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances \u0027s-\u003edsp\u0027 index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-26T13:06:10",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20190920 [SECURITY] [DLA 1927-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01518.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=de594e47659029316bbf9391efb79da0a1a08e08"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security-tracker.debian.org/tracker/CVE-2019-12068"
        },
        {
          "name": "USN-4191-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4191-2/"
        },
        {
          "name": "openSUSE-SU-2019:2510",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html"
        },
        {
          "name": "openSUSE-SU-2019:2505",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00038.html"
        },
        {
          "name": "USN-4191-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4191-1/"
        },
        {
          "name": "DSA-4665",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4665"
        },
        {
          "name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-12068",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances \u0027s-\u003edsp\u0027 index to read next opcode. This can lead to an infinite loop if the next opcode is empty. Move the existing loop exit after 10k iterations so that it covers no-op opcodes as well."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20190920 [SECURITY] [DLA 1927-1] qemu security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html"
            },
            {
              "name": "https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01518.html",
              "refsource": "MISC",
              "url": "https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01518.html"
            },
            {
              "name": "https://git.qemu.org/?p=qemu.git;a=commit;h=de594e47659029316bbf9391efb79da0a1a08e08",
              "refsource": "MISC",
              "url": "https://git.qemu.org/?p=qemu.git;a=commit;h=de594e47659029316bbf9391efb79da0a1a08e08"
            },
            {
              "name": "https://security-tracker.debian.org/tracker/CVE-2019-12068",
              "refsource": "MISC",
              "url": "https://security-tracker.debian.org/tracker/CVE-2019-12068"
            },
            {
              "name": "USN-4191-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4191-2/"
            },
            {
              "name": "openSUSE-SU-2019:2510",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html"
            },
            {
              "name": "openSUSE-SU-2019:2505",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00038.html"
            },
            {
              "name": "USN-4191-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4191-1/"
            },
            {
              "name": "DSA-4665",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4665"
            },
            {
              "name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-12068",
    "datePublished": "2019-09-24T19:59:44",
    "dateReserved": "2019-05-13T00:00:00",
    "dateUpdated": "2024-08-04T23:10:30.158Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-6778 (GCVE-0-2019-6778)

Vulnerability from cvelistv5

Published

2019-03-17 18:00

Modified

2024-08-04 20:31

Severity ?

CWE

Summary

In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/106758	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00073.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2019/01/24/5	x_refsource_MISC
	https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg03132.html	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/	vendor-advisory, x_refsource_FEDORA
	https://usn.ubuntu.com/3923-1/	vendor-advisory, x_refsource_UBUNTU
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7/	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html	vendor-advisory, x_refsource_SUSE
	https://www.debian.org/security/2019/dsa-4454	vendor-advisory, x_refsource_DEBIAN
	https://seclists.org/bugtraq/2019/May/76	mailing-list, x_refsource_BUGTRAQ
	https://access.redhat.com/errata/RHSA-2019:1883	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:1968	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:2425	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html	vendor-advisory, x_refsource_SUSE
	https://access.redhat.com/errata/RHSA-2019:2892	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:31:04.394Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "106758",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106758"
          },
          {
            "name": "SUSE-SA-2019:0254-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00073.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/01/24/5"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg03132.html"
          },
          {
            "name": "FEDORA-2019-88a98ce795",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
          },
          {
            "name": "USN-3923-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3923-1/"
          },
          {
            "name": "FEDORA-2019-0664c7724d",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7/"
          },
          {
            "name": "openSUSE-SU-2019:1074",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
          },
          {
            "name": "openSUSE-SU-2019:1226",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
          },
          {
            "name": "DSA-4454",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4454"
          },
          {
            "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/May/76"
          },
          {
            "name": "RHSA-2019:1883",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1883"
          },
          {
            "name": "RHSA-2019:1968",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1968"
          },
          {
            "name": "RHSA-2019:2425",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2425"
          },
          {
            "name": "openSUSE-SU-2019:2044",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html"
          },
          {
            "name": "RHSA-2019:2892",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2892"
          },
          {
            "name": "openSUSE-SU-2020:0468",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-01-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-07T05:06:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "106758",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106758"
        },
        {
          "name": "SUSE-SA-2019:0254-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00073.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/01/24/5"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg03132.html"
        },
        {
          "name": "FEDORA-2019-88a98ce795",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
        },
        {
          "name": "USN-3923-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3923-1/"
        },
        {
          "name": "FEDORA-2019-0664c7724d",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7/"
        },
        {
          "name": "openSUSE-SU-2019:1074",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
        },
        {
          "name": "openSUSE-SU-2019:1226",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
        },
        {
          "name": "DSA-4454",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4454"
        },
        {
          "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/May/76"
        },
        {
          "name": "RHSA-2019:1883",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1883"
        },
        {
          "name": "RHSA-2019:1968",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1968"
        },
        {
          "name": "RHSA-2019:2425",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2425"
        },
        {
          "name": "openSUSE-SU-2019:2044",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html"
        },
        {
          "name": "RHSA-2019:2892",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2892"
        },
        {
          "name": "openSUSE-SU-2020:0468",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-6778",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "106758",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106758"
            },
            {
              "name": "SUSE-SA-2019:0254-1",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00073.html"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2019/01/24/5",
              "refsource": "MISC",
              "url": "http://www.openwall.com/lists/oss-security/2019/01/24/5"
            },
            {
              "name": "https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg03132.html",
              "refsource": "MISC",
              "url": "https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg03132.html"
            },
            {
              "name": "FEDORA-2019-88a98ce795",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGCFIFSIWUREEQQOZDZFBYKWZHXCWBZN/"
            },
            {
              "name": "USN-3923-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3923-1/"
            },
            {
              "name": "FEDORA-2019-0664c7724d",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJMTVGDLA654HNCDGLCUEIP36SNJEKK7/"
            },
            {
              "name": "openSUSE-SU-2019:1074",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00042.html"
            },
            {
              "name": "openSUSE-SU-2019:1226",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00072.html"
            },
            {
              "name": "DSA-4454",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2019/dsa-4454"
            },
            {
              "name": "20190531 [SECURITY] [DSA 4454-1] qemu security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/May/76"
            },
            {
              "name": "RHSA-2019:1883",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1883"
            },
            {
              "name": "RHSA-2019:1968",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1968"
            },
            {
              "name": "RHSA-2019:2425",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2425"
            },
            {
              "name": "openSUSE-SU-2019:2044",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html"
            },
            {
              "name": "RHSA-2019:2892",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2892"
            },
            {
              "name": "openSUSE-SU-2020:0468",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-6778",
    "datePublished": "2019-03-17T18:00:46",
    "dateReserved": "2019-01-24T00:00:00",
    "dateUpdated": "2024-08-04T20:31:04.394Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-7039 (GCVE-0-2020-7039)

Vulnerability from cvelistv5

Published

2020-01-16 22:51

Modified

2024-08-04 09:18

Severity ?

CWE

Summary

tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.

References

▼	URL	Tags
	https://gitlab.freedesktop.org/slirp/libslirp/commit/ce131029d6d4a405cb7d3ac6716d03e58fb4a5d9	x_refsource_MISC
	https://gitlab.freedesktop.org/slirp/libslirp/commit/82ebe9c370a0e2970fb5695aa19aa5214a6a1c80	x_refsource_MISC
	https://gitlab.freedesktop.org/slirp/libslirp/commit/2655fffed7a9e765bcb4701dd876e9dab975f289	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2020/01/16/2	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2020/01/msg00022.html	mailing-list, x_refsource_MLIST
	https://lists.debian.org/debian-lts-announce/2020/01/msg00036.html	mailing-list, x_refsource_MLIST
	https://seclists.org/bugtraq/2020/Feb/0	mailing-list, x_refsource_BUGTRAQ
	https://www.debian.org/security/2020/dsa-4616	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2020:0348	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/4283-1/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2020:0775	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html	vendor-advisory, x_refsource_SUSE
	https://security.gentoo.org/glsa/202005-02	vendor-advisory, x_refsource_GENTOO
	https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:18:02.717Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/ce131029d6d4a405cb7d3ac6716d03e58fb4a5d9"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/82ebe9c370a0e2970fb5695aa19aa5214a6a1c80"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/2655fffed7a9e765bcb4701dd876e9dab975f289"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/01/16/2"
          },
          {
            "name": "[debian-lts-announce] 20200126 [SECURITY] [DLA 2076-1] slirp security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00022.html"
          },
          {
            "name": "[debian-lts-announce] 20200131 [SECURITY] [DLA 2090-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00036.html"
          },
          {
            "name": "20200203 [SECURITY] [DSA 4616-1] qemu security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2020/Feb/0"
          },
          {
            "name": "DSA-4616",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4616"
          },
          {
            "name": "RHSA-2020:0348",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0348"
          },
          {
            "name": "USN-4283-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4283-1/"
          },
          {
            "name": "RHSA-2020:0775",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0775"
          },
          {
            "name": "openSUSE-SU-2020:0468",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
          },
          {
            "name": "GLSA-202005-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202005-02"
          },
          {
            "name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-09T23:06:13",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/ce131029d6d4a405cb7d3ac6716d03e58fb4a5d9"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/82ebe9c370a0e2970fb5695aa19aa5214a6a1c80"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/2655fffed7a9e765bcb4701dd876e9dab975f289"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/01/16/2"
        },
        {
          "name": "[debian-lts-announce] 20200126 [SECURITY] [DLA 2076-1] slirp security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00022.html"
        },
        {
          "name": "[debian-lts-announce] 20200131 [SECURITY] [DLA 2090-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00036.html"
        },
        {
          "name": "20200203 [SECURITY] [DSA 4616-1] qemu security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2020/Feb/0"
        },
        {
          "name": "DSA-4616",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4616"
        },
        {
          "name": "RHSA-2020:0348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0348"
        },
        {
          "name": "USN-4283-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4283-1/"
        },
        {
          "name": "RHSA-2020:0775",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0775"
        },
        {
          "name": "openSUSE-SU-2020:0468",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
        },
        {
          "name": "GLSA-202005-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202005-02"
        },
        {
          "name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-7039",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://gitlab.freedesktop.org/slirp/libslirp/commit/ce131029d6d4a405cb7d3ac6716d03e58fb4a5d9",
              "refsource": "MISC",
              "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/ce131029d6d4a405cb7d3ac6716d03e58fb4a5d9"
            },
            {
              "name": "https://gitlab.freedesktop.org/slirp/libslirp/commit/82ebe9c370a0e2970fb5695aa19aa5214a6a1c80",
              "refsource": "MISC",
              "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/82ebe9c370a0e2970fb5695aa19aa5214a6a1c80"
            },
            {
              "name": "https://gitlab.freedesktop.org/slirp/libslirp/commit/2655fffed7a9e765bcb4701dd876e9dab975f289",
              "refsource": "MISC",
              "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/2655fffed7a9e765bcb4701dd876e9dab975f289"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2020/01/16/2",
              "refsource": "CONFIRM",
              "url": "http://www.openwall.com/lists/oss-security/2020/01/16/2"
            },
            {
              "name": "[debian-lts-announce] 20200126 [SECURITY] [DLA 2076-1] slirp security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00022.html"
            },
            {
              "name": "[debian-lts-announce] 20200131 [SECURITY] [DLA 2090-1] qemu security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00036.html"
            },
            {
              "name": "20200203 [SECURITY] [DSA 4616-1] qemu security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2020/Feb/0"
            },
            {
              "name": "DSA-4616",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4616"
            },
            {
              "name": "RHSA-2020:0348",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0348"
            },
            {
              "name": "USN-4283-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4283-1/"
            },
            {
              "name": "RHSA-2020:0775",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0775"
            },
            {
              "name": "openSUSE-SU-2020:0468",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"
            },
            {
              "name": "GLSA-202005-02",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202005-02"
            },
            {
              "name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-7039",
    "datePublished": "2020-01-16T22:51:40",
    "dateReserved": "2020-01-14T00:00:00",
    "dateUpdated": "2024-08-04T09:18:02.717Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2020:14396-1

Vulnerability from csaf_suse

CVE-2020-8608 (GCVE-0-2020-8608)

Vulnerability from cvelistv5

CVE-2020-1983 (GCVE-0-2020-1983)

Vulnerability from cvelistv5

CVE-2019-15890 (GCVE-0-2019-15890)

Vulnerability from cvelistv5

CVE-2019-12068 (GCVE-0-2019-12068)

Vulnerability from cvelistv5

CVE-2019-6778 (GCVE-0-2019-6778)

Vulnerability from cvelistv5

CVE-2020-7039 (GCVE-0-2020-7039)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature