CVE-2020-29130

Опубликовано: 26 нояб. 2020

Источник: debian

EPSS Низкий

Описание

slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libslirp	fixed	4.4.0-1		package
qemu	fixed	1:4.1-2		package

Примечания

https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2e1dcbc0c2af64fcb17009eaf2ceedd81be2b27f (v4.4.0)
qemu 1:4.1-2 switched to system libslirp, marking that version as fixed.
https://github.com/rootless-containers/slirp4netns/security/advisories/GHSA-2j37-w439-87q3

EPSS

Процентиль: 63%

0.00462

Низкий

Связанные уязвимости

CVE-2020-29130

CVSS3: 4.3

ubuntu

больше 4 лет назад

slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.

CVE-2020-29130

CVSS3: 2.5

redhat

больше 4 лет назад

slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.

CVE-2020-29130

CVSS3: 4.3

nvd

больше 4 лет назад

slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.

openSUSE-SU-2022:0943-1

suse-cvrf

около 3 лет назад

Security update for slirp4netns

SUSE-SU-2022:0943-1

suse-cvrf

около 3 лет назад

Security update for slirp4netns

EPSS

Процентиль: 63%

0.00462

Низкий