Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-15890

Опубликовано: 25 авг. 2019
Источник: redhat
CVSS3: 5.6

Описание

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.

A use-after-free issue was found in the SLiRP networking implementation of the QEMU emulator. The issue occurs in ip_reass() routine while reassembling incoming packets, if the first fragment is bigger than the m->m_dat[] buffer. A user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service.

Отчет

Red Hat OpenStack Platform:

  • This flaw impacts KVM user-mode or SLIRP networking, which is not used in Red Hat OpenStack Platform. Although updating is recommended for affected versions (see below), Red Hat OpenStack Platform environments are not vulnerable.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmOut of support scope
Red Hat Enterprise Linux 5xenNot affected
Red Hat Enterprise Linux 7qemu-kvmWill not fix
Red Hat Enterprise Linux 7qemu-kvm-maWill not fix
Red Hat Enterprise Linux 7qemu-kvm-rhevWill not fix
Red Hat Enterprise Linux 8container-tools:1.0/slirp4netnsOut of support scope
Red Hat Enterprise Linux 8 Advanced Virtualizationqemu-kvmAffected
Red Hat OpenShift Container Platform 4slirp4netnsNot affected
Red Hat OpenStack Platform 10 (Newton)qemu-kvm-rhevFix deferred
Red Hat OpenStack Platform 13 (Queens)qemu-kvm-rhevFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1749716QEMU: Slirp: use-after-free during packet reassembly

5.6 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-15890

CVSS3: 7.5
ubuntu
почти 6 лет назад

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.

nvd логотип

CVE-2019-15890

CVSS3: 7.5
nvd
почти 6 лет назад

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.

debian логотип

CVE-2019-15890

CVSS3: 7.5
debian
почти 6 лет назад

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reas ...

github логотип

GHSA-2237-w692-94pv

CVSS3: 7.5
github
около 3 лет назад

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.

fstec логотип

BDU:2020-01805

CVSS3: 7.5
fstec
почти 6 лет назад

Уязвимость функции ip_reass (ip_input.с) аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

5.6 Medium

CVSS3