[Slirp] [PATCH] slirp: check pkt_len before reading protocol header
P J P
ppandit at redhat.com
Fri Nov 27 13:11:07 UTC 2020
+-- On Thu, 26 Nov 2020, Marc-André Lureau wrote --+
| Weird that even basic fuzzing (with ASAN) didn't reach that.. we should
| investigate that further.
|
| Reviewed-by: Marc-André Lureau <marcandre.lureau at redhat.com>
| Is there a CVE?
CVE-2020-29129 CVE-2020-29130
QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets
-> https://www.openwall.com/lists/oss-security/2020/11/27/1
Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
8685 545E B54C 486B C6EB 271E E285 8B5A F050 DE8D
More information about the Slirp
mailing list