Libslirp Project: >> Libslirp Security Vulnerabilities
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.
CVSS Score
5.6
EPSS Score
0.01
Published
2020-01-16
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-09-06
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
CVSS Score
8.8
EPSS Score
0.069
Published
2019-07-29
Page 2