Vulnerability Details : CVE-2020-1983
A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2020-1983
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
- cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
- cpe:2.3:a:libslirp_project:libslirp:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-1983
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 21 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-1983
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:N/A:P |
3.9
|
2.9
|
NIST | |
6.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H |
2.0
|
4.0
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
Palo Alto Networks, Inc. |
CWE ids for CVE-2020-1983
-
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Assigned by:
- nvd@nist.gov (Primary)
- psirt@paloaltonetworks.com (Secondary)
References for CVE-2020-1983
-
https://lists.debian.org/debian-lts-announce/2020/06/msg00032.html
[SECURITY] [DLA 2262-1] qemu security updateMailing List;Third Party Advisory
-
https://gitlab.freedesktop.org/slirp/libslirp/-/issues/20
Security Disclosure (#20) · Issues · slirp / libslirp · GitLabExploit;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWFD4MWV3YWIHVHSA2F7FKOLJFL4PHOX/
[SECURITY] Fedora 32 Update: libslirp-4.2.0-2.fc32 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://usn.ubuntu.com/4372-1/
USN-4372-1: QEMU vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://gitlab.freedesktop.org/slirp/libslirp/-/commit/9ac0371bb8c0a40f5d9f82a1c25129660e81df04
Merge branch 'cve-2020-1983' into 'master' (9ac0371b) · Commits · slirp / libslirp · GitLabPatch;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html
[SECURITY] [DLA 2288-1] qemu security updateMailing List;Third Party Advisory
-
https://www.debian.org/security/2020/dsa-4665
Debian -- Security Information -- DSA-4665-1 qemuThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00022.html
[security-announce] openSUSE-SU-2020:0636-1: important: Security updateMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKT2MTSINE4NUPG5L6BYH6N23NBNITOL/
[SECURITY] Fedora 31 Update: libslirp-4.1.0-2.fc31 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00001.html
[security-announce] openSUSE-SU-2020:0756-1: moderate: Security update fMailing List;Third Party Advisory
Jump to