CVE-2020-7211

Priority
Description
tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\
directory traversal on Windows.
Notes
mdeslaurWindows-specific, patch only affects G_OS_WIN32
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):not-affected (windows-specific)
Patches:
Upstream:https://gitlab.freedesktop.org/slirp/libslirp/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (windows-specific)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (windows-specific)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (windows-specific)
Ubuntu 19.10 (Eoan Ermine):not-affected (windows-specific)
Ubuntu 20.04 (Focal Fossa):not-affected (windows-specific)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (windows-specific)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
More Information

Updated: 2020-02-11 17:15:04 UTC (commit fae839bb22db47e2662727f00032a9cee08b5228)