Описание
Security update for slirp4netns
This update for slirp4netns fixes the following issues:
- CVE-2020-29130: Fixed an invalid memory access while processing ARP packets (bsc#1179467).
Список пакетов
SUSE Enterprise Storage 7
slirp4netns-0.4.7-3.15.1
SUSE Linux Enterprise Micro 5.0
slirp4netns-0.4.7-3.15.1
SUSE Linux Enterprise Micro 5.1
slirp4netns-0.4.7-3.15.1
SUSE Linux Enterprise Module for Containers 15 SP3
slirp4netns-0.4.7-3.15.1
Ссылки
- Link for SUSE-SU-2022:0943-1
- E-Mail link for SUSE-SU-2022:0943-1
- SUSE Security Ratings
- SUSE Bug 1179467
- SUSE CVE CVE-2020-29130 page
Описание
slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
Затронутые продукты
SUSE Enterprise Storage 7:slirp4netns-0.4.7-3.15.1
SUSE Linux Enterprise Micro 5.0:slirp4netns-0.4.7-3.15.1
SUSE Linux Enterprise Micro 5.1:slirp4netns-0.4.7-3.15.1
SUSE Linux Enterprise Module for Containers 15 SP3:slirp4netns-0.4.7-3.15.1
Ссылки
- CVE-2020-29130
- SUSE Bug 1178658
- SUSE Bug 1179467
- SUSE Bug 1179477