ALT-PU-2020-3501-2

Package libslirp updated to version 4.4.0-alt1 for branch sisyphus in task 263356.

Уязвимость компонента src/ncsi.c эмулятора TCP-IP Libslirp, позволяющая нарушителю получить доступ к конфиденциальным данным

Severity: MEDIUM (4.3)Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Severity: MEDIUM (4.0)Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

References:

CVE-2020-29129

Уязвимость компонента slirp.c эмулятора TCP-IP Libslirp, позволяющая нарушителю получить доступ к конфиденциальным данным

Severity: MEDIUM (4.3)Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Severity: MEDIUM (4.0)Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

References:

CVE-2020-29130

ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.

Severity: MEDIUM (4.0)Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: MEDIUM (4.3)Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

References:

slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.

Severity: MEDIUM (4.0)Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: MEDIUM (4.3)Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

References:

Version: 2.1.2

Package libslirp update in sisyphus on 2020-12-12

ALT-PU-2020-3501-2

Closed vulnerabilities

BDU:2024-01491

BDU:2024-01493

CVE-2020-29129

CVE-2020-29130