USN-4632-1: SLiRP vulnerabilities
It was discovered that the SLiRP networking implementation of the QEMU
emulator did not properly manage memory under certain circumstances. An
attacker could use this to cause a heap-based buffer overflow or other out-
of-bounds access, which can lead to a denial of service (application crash)
or potentially execute arbitrary code. (CVE-2020-7039)
It was discovered that the SLiRP networking implementation of the QEMU
emulator misuses snprintf return values. An attacker could use this to
cause a denial of service (application crash) or potentially execute
arbitrary code. (CVE-2020-8608)
Source: USN-4632-1: SLiRP vulnerabilities
Leave a Reply