Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libslirp vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-14378
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
Libslirp Project Libslirp 4.0.0
1 EDB exploit
5
CVSSv2
CVE-2019-15890
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
Libslirp Project Libslirp 4.0.0
Qemu Qemu 4.1.0
4
CVSSv2
CVE-2020-29129
ncsi.c in libslirp up to and including 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
Libslirp Project Libslirp
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
4
CVSSv2
CVE-2020-29130
slirp.c in libslirp up to and including 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
Libslirp Project Libslirp
Debian Debian Linux 9.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
2.1
CVSSv2
CVE-2021-3592
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest coul...
Libslirp Project Libslirp
Redhat Enterprise Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
2.1
CVSSv2
CVE-2021-3593
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to o...
Libslirp Project Libslirp
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
2.1
CVSSv2
CVE-2021-3594
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to ou...
Libslirp Project Libslirp
Redhat Enterprise Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
2.1
CVSSv2
CVE-2021-3595
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to o...
Libslirp Project Libslirp
Redhat Enterprise Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
1 Github repository
6.8
CVSSv2
CVE-2020-7039
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.
Libslirp Project Libslirp 4.1.0
Qemu Qemu 4.2.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
6.8
CVSSv2
CVE-2020-8608
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
Libslirp Project Libslirp 4.1.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »