Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2020-8608

Опубликовано: 06 фев. 2020
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 5.6

Описание

In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.

РелизСтатусПримечание
bionic

DNE

devel

released

4.1.0-2ubuntu1
eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

not-affected

4.1.0-2ubuntu1
focal

released

4.1.0-2ubuntu1
groovy

released

4.1.0-2ubuntu1
hirsute

released

4.1.0-2ubuntu1
impish

released

4.1.0-2ubuntu1
jammy

released

4.1.0-2ubuntu1

Показывать по

РелизСтатусПримечание
bionic

released

1:2.11+dfsg-1ubuntu7.23
devel

not-affected

uses system libslirp
eoan

released

1:4.0+dfsg-0ubuntu9.4
esm-infra-legacy/trusty

not-affected

2.0.0+dfsg-2ubuntu1.47+esm4
esm-infra/bionic

not-affected

1:2.11+dfsg-1ubuntu7.23
esm-infra/focal

not-affected

uses system libslirp
esm-infra/xenial

not-affected

1:2.5+dfsg-5ubuntu10.43
focal

not-affected

uses system libslirp
groovy

not-affected

uses system libslirp
hirsute

not-affected

uses system libslirp

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
bionic

released

1:1.0.17-8ubuntu18.04.1
devel

needed

eoan

ignored

end of life
esm-apps/bionic

released

1:1.0.17-8ubuntu18.04.1
esm-apps/focal

needed

esm-apps/jammy

needed

esm-apps/noble

needed

esm-apps/xenial

released

1:1.0.17-8ubuntu16.04.1
esm-infra-legacy/trusty

not-affected

1:1.0.17-7+deb8u2build0.14.04.1+esm1
focal

ignored

end of standard support, was needed

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

not-affected

1.0.1-1
eoan

ignored

end of life
esm-apps/focal

needs-triage

esm-apps/jammy

not-affected

1.0.1-1
esm-apps/noble

not-affected

1.0.1-1
esm-infra-legacy/trusty

DNE

focal

ignored

end of standard support, was needs-triage
groovy

not-affected

1.0.1-1
hirsute

not-affected

1.0.1-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 83%
0.01962
Низкий

6.8 Medium

CVSS2

5.6 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2020-8608

CVSS3: 5.6
redhat
больше 5 лет назад

In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.

nvd логотип

CVE-2020-8608

CVSS3: 5.6
nvd
больше 5 лет назад

In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.

debian логотип

CVE-2020-8608

CVSS3: 5.6
debian
больше 5 лет назад

In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf ...

suse-cvrf логотип

SUSE-SU-2020:2171-1

suse-cvrf
почти 5 лет назад

Security update for xen

suse-cvrf логотип

SUSE-SU-2020:2141-1

suse-cvrf
почти 5 лет назад

Security update for xen

EPSS

Процентиль: 83%
0.01962
Низкий

6.8 Medium

CVSS2

5.6 Medium

CVSS3

Уязвимость CVE-2020-8608