Stefanha

**Name of the Vulnerable Software and Affected Versions** libslirp version 4.0.0 **Description** The issue is related to a heap-based buffer overflow in the `ip reass` function of the libslirp library, which can be exploited by a remote attacker to gain unauthorized access to information, cause a denial of service, or impact the availability of information. This problem affects QEMU, systems using KVM in Usermode, Virtualbox, and applications that use the libSLIRP network stack. **Recommendations** For libslirp version 4.0.0, consider disabling the `ip reass` function in the `ip input.c` file as a temporary workaround until a patch is available. Restrict access to the vulnerable libslirp library to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.