[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

QEMU: slirp: heap buffer overflow during packet reassembly - CVE-2019-14378

ID: oval:org.secpod.oval:def:58236Date: (C)2019-10-10   (M)2023-12-20
Class: VULNERABILITYFamily: unix




A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the ip_reass() routine while reassembling incoming packets if the first fragment is bigger than the m->m_dat[] buffer. An attacker could use this flaw to crash the QEMU process on the host, resulting in a Denial of Service or potentially executing arbitrary code with privileges of the QEMU process.

Platform:
CentOS 7
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Product:
qemu-kvm
Reference:
CVE-2019-14378
CVE    1
CVE-2019-14378
CPE    4
cpe:/a:kvm_group:qemu-kvm
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:centos:centos:7
...

© SecPod Technologies