First published: Thu Nov 26 2020(Updated: )
An out-of-bounds access issue was found in the SLiRP user networking implementation of QEMU. It could occur while processing ARP/NCSI packets, if the packet length was shorter than required to accommodate respective protocol headers and payload. A privileged guest user may use this flaw to potentially leak host information bytes.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Libslirp Project Libslirp | <=4.3.1 | |
Fedoraproject Fedora | =32 | |
Fedoraproject Fedora | =33 | |
Debian Debian Linux | =10.0 | |
debian/libslirp | 4.4.0-1+deb11u2 4.7.0-1 4.8.0-1 | |
debian/qemu | 1:5.2+dfsg-11+deb11u3 1:5.2+dfsg-11+deb11u2 1:7.2+dfsg-7+deb12u7 1:9.2.0+ds-2 |
https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2e1dcbc0c2af64fcb17009eaf2ceedd81be2b27f
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-29129 is an out-of-bounds access vulnerability found in the SLiRP user networking implementation of QEMU.
CVE-2020-29129 has a low severity rating with a CVSS score of 2.5.
CVE-2020-29129 can occur while processing ARP/NCSI packets if the packet length is insufficient to accommodate the required headers and payload.
CVE-2020-29129 could be used by a privileged guest user to potentially exploit the system.
Yes, here are some references for CVE-2020-29129: 1. https://lists.freedesktop.org/archives/slirp/2020-November/000115.html 2. https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1902232 3. https://www.openwall.com/lists/oss-security/2020/11/27/1