DSA-4733-1 qemu -- security update

Related Vulnerabilities: CVE-2020-8608, CVE-2020-13754

Debian Security Advisory

Date Reported: 24 Jul 2020
Affected Packages: qemu
Vulnerable: Yes
Security database references:
In the Debian bugtracking system: Bug 964793.
In Mitre's CVE dictionary: CVE-2020-8608.
More information:

It was discovered that incorrect memory handling in the SLIRP networking implementation could result in denial of service or potentially the execution of arbitrary code.

For the stable distribution (buster), this problem has been fixed in version 1:3.1+dfsg-8+deb10u7. In addition this update fixes a regression caused by the patch for CVE-2020-13754, which could lead to startup failures in some Xen setups.

We recommend that you upgrade your qemu packages.

For the detailed security status of qemu please refer to its security tracker page at: https://security-tracker.debian.org/tracker/qemu
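
To check an installed buster package against the fixed version stated above, the following added example (not part of the advisory or of Debian's tooling) reimplements Debian's version ordering in Python so that the comparison runs on any host; on a Debian system `dpkg --compare-versions` gives the authoritative answer. The function names are assumptions made for illustration, and versions are assumed to be ASCII.

```python
# Added example: Debian version ordering (epoch, upstream, revision).
import re

FIXED_BUSTER = "1:3.1+dfsg-8+deb10u7"  # fixed version stated in DSA-4733-1
DIGITS = set("0123456789")

def _order(c):
    """Weight of one character inside a non-digit run."""
    if c == "~":
        return -1                 # '~' sorts before everything, even the end
    if c == "" or c in DIGITS:
        return 0                  # end of string or start of a digit run
    return ord(c) if c.isalpha() else ord(c) + 256  # letters before symbols

def _cmp_part(a, b):
    """Compare two upstream or revision strings; <0, 0 or >0."""
    while a or b:
        # Non-digit prefixes are compared character by character.
        while (a and a[0] not in DIGITS) or (b and b[0] not in DIGITS):
            diff = _order(a[:1]) - _order(b[:1])
            if diff:
                return diff
            a, b = a[1:], b[1:]
        # Digit runs are compared as numbers, so "u10" sorts after "u7".
        da, db = (re.match(r"[0-9]*", s).group() for s in (a, b))
        if int(da or 0) != int(db or 0):
            return int(da or 0) - int(db or 0)
        a, b = a[len(da):], b[len(db):]
    return 0

def _split(version):
    """Split into (epoch, upstream, revision); defaults are 0 and "0"."""
    epoch, sep, rest = version.partition(":")
    if not sep:
        epoch, rest = "0", version
    upstream, sep, revision = rest.rpartition("-")
    if not sep:
        upstream, revision = rest, "0"
    return int(epoch), upstream, revision

def compare(a, b):
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    return (ea - eb) or _cmp_part(ua, ub) or _cmp_part(ra, rb)

def is_fixed(installed, fixed=FIXED_BUSTER):
    """True if the installed qemu version is at or past the fixed one."""
    return compare(installed, fixed) >= 0
```

A plain string comparison would rank a `deb10u10` revision below `deb10u7` and would ignore the `1:` epoch, which is why the digit runs and the epoch are compared numerically here.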