USN-4437-1: libslirp vulnerability

27 July 2020

libslirp could be made to crash if it received specially crafted network traffic.

Releases

Packages

  • libslirp - None

Details

Ziming Zhang and VictorV discovered that libslirp incorrectly handled
replying to certain ICMP echo requests. A remote attacker could possibly
use this issue to cause libslirp to crash, resulting in a denial of
service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

Related notices

  • USN-4467-1: qemu-system-aarch64, qemu-system-s390x, qemu-system-sparc, qemu-system-x86, qemu-system, qemu-system-x86-microvm, qemu-system-ppc, qemu-system-x86-xen, qemu, qemu-system-mips, qemu-system-arm