ALAS2-2020-1485 --- qemu ivshmem-toolsID: oval:org.secpod.oval:def:1700508 | Date: (C)2020-11-27 (M)2023-12-20 |
Class: PATCH | Family: unix |
A use after free vulnerability in ip_reass in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service. A use-after-free flaw was found in the SLiRP networking implementation of the QEMU emulator. Specifically, this flaw occurs in the ip_reass routine while reassembling incoming IP fragments whose combined size is bigger than 65k. This flaw allows an attacker to crash the QEMU process on the host, resulting in a denial of service
Product: |
qemu |
ivshmem-tools |