CVE-2020-8608

Priority
Description
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf
return values, leading to a buffer overflow in later code.
Notes
mdeslaurpossible better approach would be to disable tcp_emu completely
https://gitlab.freedesktop.org/slirp/libslirp/commit/07c2a44b67e219ac14207f7a1b33704e1312cf91
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):released (4.1.0-2ubuntu1)
Patches:
Upstream:https://gitlab.freedesktop.org/slirp/libslirp/commit/30648c03b27fb8d9611b723184216cd3174b6775
Upstream:https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):released (1:2.5+dfsg-5ubuntu10.43)
Ubuntu 18.04 LTS (Bionic Beaver):released (1:2.11+dfsg-1ubuntu7.23)
Ubuntu 19.10 (Eoan Ermine):released (1:4.0+dfsg-0ubuntu9.4)
Ubuntu 20.04 (Focal Fossa):not-affected (uses system libslirp)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Source: slirp (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):needed
Ubuntu 19.10 (Eoan Ermine):needed
Ubuntu 20.04 (Focal Fossa):needed
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.10 (Eoan Ermine):needs-triage
Ubuntu 20.04 (Focal Fossa):needs-triage
More Information

Updated: 2020-03-18 21:44:53 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)