PT-2020-4100 · Libslirp+9 · Libslirp+9

Laszlo Ersek

·

Published

2020-02-06

·

Updated

2024-11-08

·

CVE-2020-8608

CVSS v2.0

6.8

Medium

VectorAV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: libslirp version 4.1.0 QEMU version 4.2.0
Description: The issue is related to a component of the Libslirp TCP-IP emulator, specifically the tcp subr.c library, which has an insufficient mechanism for checking the size of copied data. This allows a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. The problem arises from the misuse of snprintf return values in the tcp subr.c file, leading to a buffer overflow in later code.
Recommendations: For libslirp version 4.1.0, consider updating to a newer version that addresses the buffer overflow issue in the tcp subr.c library. For QEMU version 4.2.0, update to a version that includes the fix for the libslirp component to prevent exploitation of the buffer overflow vulnerability. As a temporary workaround, consider restricting access to the tcp subr.c component until a patch is available.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

ALSA-2020:1379
ALSA-2020:2774
ALT-PU-2020-1447
ALT-PU-2020-1463
BDU:2020-04502
CESA-2020_1379
CESA-2020_1403
CESA-2020_2774
CVE-2020-8608
DLA-2142-1
DLA-2144-1
DLA-2288-1
DLA-2551-1
DSA-4733-1
OPENSUSE-SU-2020:0468-1
OPENSUSE-SU-2020_0468-1
OPENSUSE-SU-2021:1043-1
OPENSUSE-SU-2021:1942-1
OPENSUSE-SU-2021_1043-1
OPENSUSE-SU-2021_1942-1
OPENSUSE-SU-2024:11287-1
RHSA-2020:0889
RHSA-2020:1208
RHSA-2020:1209
RHSA-2020:1261
RHSA-2020:1292
RHSA-2020:1300
RHSA-2020:1351
RHSA-2020:1352
RHSA-2020:1379
RHSA-2020:1403
RHSA-2020:2342
RHSA-2020:2730
RHSA-2020:2773
RHSA-2020:2774
RHSA-2020:2844
RHSA-2020:3040
RHSA-2020_1208
RHSA-2020_1209
RHSA-2020_1379
RHSA-2020_1403
RHSA-2020_2774
RLSA-2020:1379
RLSA-2020:2774
SUSE-SU-2020:0844-1
SUSE-SU-2020:0845-1
SUSE-SU-2020:14396-1
SUSE-SU-2020:14444-1
SUSE-SU-2020:14448-1
SUSE-SU-2020:1501-1
SUSE-SU-2020:1514-1
SUSE-SU-2020:1523-1
SUSE-SU-2020:1526-1
SUSE-SU-2020:1538-1
SUSE-SU-2020:2141-1
SUSE-SU-2020:2171-1
SUSE-SU-2020:2234-1
SUSE-SU-2020:3880-1
SUSE-SU-2020_1501-1
SUSE-SU-2020_1514-1
SUSE-SU-2020_1523-1
SUSE-SU-2020_1526-1
SUSE-SU-2020_1538-1
SUSE-SU-2020_2141-1
SUSE-SU-2020_2171-1
SUSE-SU-2021:14706-1
SUSE-SU-2021:1829-1
SUSE-SU-2021:1837-1
SUSE-SU-2021:1893-1
SUSE-SU-2021:1894-1
SUSE-SU-2021:1895-1
SUSE-SU-2021:1918-1
SUSE-SU-2021:1942-1
SUSE-SU-2021:1947-1
USN-4283-1
USN-4632-1
USN-7094-1

Affected Products

Alt Linux
Almalinux
Centos
Linuxmint
Qemu
Red Hat
Rocky Linux
Suse
Ubuntu
Libslirp