USN-4437-1: libslirp vulnerability
27 July 2020
libslirp could be made to crash if it received specially crafted network traffic.
Releases
Packages
- libslirp - None
Details
Ziming Zhang and VictorV discovered that libslirp incorrectly handled
replying to certain ICMP echo requests. A remote attacker could possibly
use this issue to cause libslirp to crash, resulting in a denial of
service.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.04
After a standard system update you need to reboot your computer to make
all the necessary changes.
References
Related notices
- USN-4467-1: qemu-system-sparc, qemu-user, qemu-system-data, qemu-system-gui, qemu-utils, qemu-system-x86-xen, qemu-user-static, qemu-system-ppc, qemu-system-arm, qemu-system, qemu-block-extra, qemu-kvm, qemu-system-misc, qemu-user-binfmt, qemu-system-s390x, qemu-system-x86-microvm, qemu-system-mips, qemu-system-common, qemu, qemu-system-aarch64, qemu-system-x86, qemu-guest-agent