Search CVE reports
1 – 2 of 2 results
CVE-2019-15890
Low prioritySome fixes available 14 of 130
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
20 affected packages
android, basilisk2, bochs, fs-uae, libslirp...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
basilisk2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
bochs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
fs-uae | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libslirp | Not affected | Not affected | Not affected | Not in release | Not in release |
ns3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
qemu | Fixed | Fixed | Fixed | Fixed | Fixed |
qemu-kvm | Not in release | Not in release | Not in release | Not in release | Not in release |
qemu-kvm-spice | Not in release | Not in release | Not in release | Not in release | Not in release |
qemu-linaro | Not in release | Not in release | Not in release | Not in release | Not in release |
redboot-imx | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
slirp | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
slirp4netns | Not affected | Not affected | Not affected | Not in release | Not in release |
vde2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
virtualbox | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
virtualbox-hwe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
virtualbox-lts-vivid | Not in release | Not in release | Not in release | Not in release | Not in release |
virtualbox-lts-wily | Not in release | Not in release | Not in release | Not in release | Not in release |
virtualbox-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
xen | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2019-14378
Low prioritySome fixes available 14 of 87
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
13 affected packages
android, basilisk2, bochs, fs-uae, libslirp...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
basilisk2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
bochs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
fs-uae | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libslirp | Not affected | Not affected | Not affected | Not in release | Not in release |
qemu | Fixed | Fixed | Fixed | Fixed | Fixed |
qemu-kvm | Not in release | Not in release | Not in release | Not in release | Not in release |
qemu-kvm-spice | Not in release | Not in release | Not in release | Not in release | Not in release |
qemu-linaro | Not in release | Not in release | Not in release | Not in release | Not in release |
slirp | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
slirp4netns | Not affected | Not affected | Not affected | Not in release | Not in release |
vde2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
xen | Not affected | Not affected | Not affected | Not affected | Not affected |