Libslirp Project : Security Vulnerabilities, CVEs, Published In 2019
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
Max CVSS
7.5
EPSS Score
0.91%
Published
2019-09-06
Updated
2019-09-20
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
Max CVSS
8.8
EPSS Score
1.67%
Published
2019-07-29
Updated
2020-08-24
2 vulnerabilities found