Package "libslirp"
Name: |
libslirp
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- General purpose TCP-IP emulator library (development files)
- General purpose TCP-IP emulator library
|
Latest version: |
4.1.0-2ubuntu2.2 |
Release: |
focal (20.04) |
Level: |
security |
Repository: |
main |
Links
Other versions of "libslirp" in Focal
Packages in group
Deleted packages are displayed in grey.
Changelog
libslirp (4.1.0-2ubuntu2.2) focal-security; urgency=medium
* SECURITY UPDATE: DoS via buffer overread
- debian/patches/CVE-2020-29129_30.patch: check pkt_len before reading
protocol header in src/ncsi.c, src/slirp.c.
- CVE-2020-29129
- CVE-2020-29130
* SECURITY UPDATE: data leak in bootp_input()
- debian/patches/CVE-2021-3592-1.patch: add mtod_check() to src/mbuf.*.
- debian/patches/CVE-2021-3592-2.patch: limit vendor-specific area to
input packet memory buffer in src/bootp.*, src/mbuf.*.
- debian/patches/CVE-2021-3592-3.patch: check bootp_input buffer size
in src/bootp.c.
- debian/patches/CVE-2021-3592-4.patch: fix regression in dhcp in
src/bootp.c.
- CVE-2021-3592
* SECURITY UPDATE: data leak in udp6_input()
- debian/patches/CVE-2021-3593.patch: check udp6_input buffer size in
src/udp6.c.
- CVE-2021-3593
* SECURITY UPDATE: data leak in udp_input()
- debian/patches/CVE-2021-3594.patch: check upd_input buffer size in
src/udp.c.
- CVE-2021-3594
* SECURITY UPDATE: data leak in tftp_input()
- debian/patches/CVE-2021-3595-1.patch: check tftp_input buffer size in
src/tftp.c.
- debian/patches/CVE-2021-3595-2.patch: introduce a header structure in
src/tftp.*.
- CVE-2021-3595
-- Marc Deslauriers <email address hidden> Mon, 21 Jun 2021 08:43:06 -0400
|
Source diff to previous version |
CVE-2020-29129 |
ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packe |
CVE-2020-29130 |
slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total pack |
CVE-2021-3592 |
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and c |
CVE-2021-3593 |
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and co |
CVE-2021-3594 |
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and cou |
CVE-2021-3595 |
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and co |
|
libslirp (4.1.0-2ubuntu2.1) focal-security; urgency=medium
* SECURITY UPDATE: OOB read in icmp6_send_echoreply()
- debian/patches/CVE-2020-10756.patch: check message size in
src/ip6_input.c.
- CVE-2020-10756
-- Marc Deslauriers <email address hidden> Thu, 23 Jul 2020 14:09:04 -0400
|
CVE-2020-10756 |
An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echorep |
|
About
-
Send Feedback to @ubuntu_updates