In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html
https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0
https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843
https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html
https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html
https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html
https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html
https://security.gentoo.org/glsa/202003-66
https://security.netapp.com/advisory/ntap-20201001-0002/
https://usn.ubuntu.com/4283-1/
Source: MITRE
Published: 2020-02-06
Updated: 2021-02-14
Type: CWE-120
Base Score: 6.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 8.6
Severity: MEDIUM
Base Score: 5.6
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Impact Score: 3.4
Exploitability Score: 2.2
Severity: MEDIUM
OR
OR
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
147700 | EulerOS : qemu (EulerOS-SA-2021-1667) | Nessus | Huawei Local Security Checks | medium |
147523 | EulerOS : qemu (EulerOS-SA-2021-1632) | Nessus | Huawei Local Security Checks | medium |
147408 | NewStart CGSL MAIN 4.06 : qemu-kvm Multiple Vulnerabilities (NS-SA-2021-0004) | Nessus | NewStart CGSL Local Security Checks | medium |
146372 | Debian DLA-2551-1 : slirp security update | Nessus | Debian Local Security Checks | medium |
145861 | CentOS 8 : virt:rhel (CESA-2020:2774) | Nessus | CentOS Local Security Checks | medium |
144492 | SUSE SLES12 Security Update : xen (SUSE-SU-2020:3880-1) | Nessus | SuSE Local Security Checks | medium |
143036 | RHEL 8 : virt:rhel (RHSA-2020:3040) | Nessus | Red Hat Local Security Checks | medium |
142969 | Ubuntu 16.04 LTS / 18.04 LTS : SLiRP vulnerabilities (USN-4632-1) | Nessus | Ubuntu Local Security Checks | medium |
140275 | NewStart CGSL MAIN 4.05 : qemu-kvm Multiple Vulnerabilities (NS-SA-2020-0049) | Nessus | NewStart CGSL Local Security Checks | medium |
139595 | SUSE SLES12 Security Update : xen (SUSE-SU-2020:2234-1) | Nessus | SuSE Local Security Checks | medium |
138202 | Oracle Linux 8 : virt:ol (ELSA-2020-2774) | Nessus | Oracle Linux Local Security Checks | medium |
135665 | Oracle Linux 8 : container-tools:ol8 (ELSA-2020-1379) | Nessus | Oracle Linux Local Security Checks | medium |
139454 | SUSE SLES12 Security Update : xen (SUSE-SU-2020:2171-1) | Nessus | SuSE Local Security Checks | medium |
139402 | SUSE SLES12 Security Update : xen (SUSE-SU-2020:2141-1) | Nessus | SuSE Local Security Checks | medium |
139088 | Amazon Linux AMI : qemu-kvm (ALAS-2020-1408) | Nessus | Amazon Linux Local Security Checks | medium |
138914 | Debian DSA-4733-1 : qemu - security update | Nessus | Debian Local Security Checks | medium |
138911 | Debian DLA-2288-1 : qemu security update | Nessus | Debian Local Security Checks | medium |
138856 | Amazon Linux 2 : qemu (ALAS-2020-1467) | Nessus | Amazon Linux Local Security Checks | medium |
138642 | Amazon Linux AMI : qemu-kvm (ALAS-2020-1400) | Nessus | Amazon Linux Local Security Checks | medium |
138173 | RHEL 7 : qemu-kvm (RHSA-2020:2844) | Nessus | Red Hat Local Security Checks | medium |
138073 | RHEL 7 : slirp4netns (RHSA-2020:0889) | Nessus | Red Hat Local Security Checks | medium |
138013 | RHEL 8 : virt:rhel (RHSA-2020:2773) | Nessus | Red Hat Local Security Checks | medium |
137892 | RHEL 8 : virt:rhel (RHSA-2020:2774) | Nessus | Red Hat Local Security Checks | medium |
137795 | EulerOS Virtualization for ARM 64 3.0.6.0 : qemu-kvm (EulerOS-SA-2020-1688) | Nessus | Huawei Local Security Checks | medium |
137758 | RHEL 7 : qemu-kvm-rhev (RHSA-2020:2730) | Nessus | Red Hat Local Security Checks | medium |
137586 | SUSE SLES12 Security Update : qemu (SUSE-SU-2020:1538-1) | Nessus | SuSE Local Security Checks | medium |
137581 | SUSE SLES12 Security Update : qemu (SUSE-SU-2020:1526-1) | Nessus | SuSE Local Security Checks | medium |
137579 | SUSE SLES15 Security Update : qemu (SUSE-SU-2020:1523-1) | Nessus | SuSE Local Security Checks | medium |
137577 | SUSE SLES12 Security Update : qemu (SUSE-SU-2020:1514-1) | Nessus | SuSE Local Security Checks | medium |
137549 | SUSE SLES12 Security Update : qemu (SUSE-SU-2020:1501-1) | Nessus | SuSE Local Security Checks | medium |
137489 | EulerOS 2.0 SP2 : qemu-kvm (EulerOS-SA-2020-1647) | Nessus | Huawei Local Security Checks | high |
137244 | RHEL 6 : qemu-kvm (RHSA-2020:1403) | Nessus | Red Hat Local Security Checks | medium |
136015 | CentOS 6 : qemu-kvm (CESA-2020:1403) | Nessus | CentOS Local Security Checks | critical |
135833 | Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20200407) | Nessus | Scientific Linux Local Security Checks | medium |
135559 | EulerOS 2.0 SP3 : qemu-kvm (EulerOS-SA-2020-1430) | Nessus | Huawei Local Security Checks | critical |
135428 | Oracle Linux 7 : qemu-kvm (ELSA-2020-1208) | Nessus | Oracle Linux Local Security Checks | critical |
135382 | Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20200408) | Nessus | Scientific Linux Local Security Checks | medium |
135379 | Oracle Linux 6 : qemu-kvm (ELSA-2020-1403) | Nessus | Oracle Linux Local Security Checks | critical |
135265 | openSUSE Security Update : qemu (openSUSE-2020-468) | Nessus | SuSE Local Security Checks | medium |
135251 | RHEL 8 : container-tools:rhel8 (RHSA-2020:1379) | Nessus | Red Hat Local Security Checks | medium |
135249 | RHEL 7 : qemu-kvm-ma (RHSA-2020:1352) | Nessus | Red Hat Local Security Checks | medium |
135245 | RHEL 7 : qemu-kvm (RHSA-2020:1351) | Nessus | Red Hat Local Security Checks | medium |
135175 | RHEL 7 : qemu-kvm-rhev (RHSA-2020:1292) | Nessus | Red Hat Local Security Checks | medium |
135173 | RHEL 7 : qemu-kvm-rhev (RHSA-2020:1300) | Nessus | Red Hat Local Security Checks | medium |
135169 | SUSE SLES12 Security Update : qemu (SUSE-SU-2020:0845-1) | Nessus | SuSE Local Security Checks | medium |
135168 | SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2020:0844-1) | Nessus | SuSE Local Security Checks | medium |
135065 | RHEL 7 : qemu-kvm (RHSA-2020:1208) | Nessus | Red Hat Local Security Checks | medium |
135050 | RHEL 7 : qemu-kvm-ma (RHSA-2020:1209) | Nessus | Red Hat Local Security Checks | medium |
135021 | GLSA-202003-66 : QEMU: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | medium |
134790 | EulerOS 2.0 SP8 : qemu (EulerOS-SA-2020-1298) | Nessus | Huawei Local Security Checks | medium |
134631 | Debian DLA-2144-1 : qemu security update | Nessus | Debian Local Security Checks | medium |
134576 | Debian DLA-2142-1 : slirp security update | Nessus | Debian Local Security Checks | critical |
133796 | Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : QEMU vulnerabilities (USN-4283-1) | Nessus | Ubuntu Local Security Checks | medium |