libslirp

Link	package \| bugs open \| bugs closed \| Wiki \| GitHub \| web search
Description	General purpose TCP-IP emulator
Version	4.8.0-1 [extra]

Resolved

Group	Affected	Fixed	Severity	Status	Ticket
AVG-2073	4.5.0-1	4.6.0-1	Medium	Fixed
AVG-1305	4.3.1-1	4.4.0-1	Medium	Fixed

Issue	Group	Severity	Remote	Type	Description
CVE-2021-3595	AVG-2073	Medium	No	Information disclosure	An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU before version 4.6.0. The flaw exists in the tftp_input()...
CVE-2021-3594	AVG-2073	Medium	No	Information disclosure	An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU before version 4.6.0. The flaw exists in the udp_input()...
CVE-2021-3593	AVG-2073	Medium	No	Information disclosure	An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU before version 4.6.0. The flaw exists in the udp6_input()...
CVE-2021-3592	AVG-2073	Medium	No	Information disclosure	An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU before version 4.6.0. The flaw exists in the bootp_input()...
CVE-2020-29130	AVG-1305	Medium	No	Information disclosure	slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet...
CVE-2020-29129	AVG-1305	Medium	No	Information disclosure	ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet...

Advisories

Date	Advisory	Group	Severity	Type
22 Jun 2021	ASA-202106-49	AVG-2073	Medium	information disclosure
05 Dec 2020	ASA-202012-7	AVG-1305	Medium	information disclosure