pve-qemu-qoup

c/pve-qemu-qoup

Fork 0

Commit Graph

Author	SHA1	Message	Date
Oguz Bektas	284d3b2cab	security patches for libslirp CVE-2020-8608 original commits and email can be found here[0] A out-of-bounds heap buffer access issue was found in the SLiRP networking implementation of the QEMU emulator. It occurs in tcp_emu() routine while emulating IRC and other protocols due to unsafe usage of snprintf(3) function. A user/process could use this flaw to crash the Qemu process on the host resulting in DoS or potentially execute arbitrary code with privileges of the QEMU process on the host. [0]: https://seclists.org/oss-sec/2020/q1/64 Signed-off-by: Oguz Bektas <o.bektas@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>	2020-03-06 15:17:29 +01:00

Author

SHA1

Message

Date

Oguz Bektas

284d3b2cab

security patches for libslirp CVE-2020-8608

original commits and email can be found here[0]

A out-of-bounds heap buffer access issue was found in the SLiRP
networking implementation of the QEMU emulator. It occurs in tcp_emu()
routine while emulating IRC and other protocols due to unsafe usage of
snprintf(3) function.

A user/process could use this flaw to crash the Qemu process on the host
resulting in DoS or potentially execute arbitrary code with privileges
of the QEMU process on the host.

[0]: https://seclists.org/oss-sec/2020/q1/64

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

2020-03-06 15:17:29 +01:00

1 Commits