Описание
A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.
A use-after-free flaw was found in the SLiRP networking implementation of the QEMU emulator. Specifically, this flaw occurs in the ip_reass() routine while reassembling incoming IP fragments whose combined size is bigger than 65k. This flaw allows an attacker to crash the QEMU process on the host, resulting in a denial of service.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Out of support scope | ||
| Red Hat Enterprise Linux 6 | qemu-kvm | Will not fix | ||
| Red Hat Enterprise Linux 7 | slirp4netns | Will not fix | ||
| Red Hat Enterprise Linux 8 | container-tools:1.0/slirp4netns | Out of support scope | ||
| Red Hat Enterprise Linux 8 | container-tools:2.0/slirp4netns | Affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:8.1/qemu-kvm | Affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:8.2/qemu-kvm | Affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:8.3/qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux 9 | qemu-kvm | Not affected | ||
| Red Hat OpenShift Container Platform 4 | slirp4netns | Affected |
Показывать по
Дополнительная информация
Статус:
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.
A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.
A use after free vulnerability in ip_reass() in ip_input.c of libslirp ...
EPSS
6.5 Medium
CVSS3