Skip to content

CVE-2019-14378 buffer overflow (libslirp)

Low
AkihiroSuda published GHSA-gjwp-vf65-3jqf Aug 9, 2019 · 1 comment

Package

slirp4netns

Affected versions

v0.2.2, v0.3.1, v0.4.0-beta.2, and prior versions

Patched versions

v0.2.3, v0.3.2, v0.4.0-beta.3, and later

Description

Impact

https://security-tracker.debian.org/tracker/CVE-2019-14378

ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.

Patches

On upstream libslirp, the vulnerability was fixed on Jul 28, 2019: https://gitlab.freedesktop.org/slirp/libslirp/commit/126c04acbabd7ad32c2b018fe10dfac2a3bc1210

The fix was to applied to slirp4netns in:

  • 4f98340 (Aug 1, 2019; included in v0.4.0-beta.3)
  • 3f9e646 (Aug 3, 2019; included in v0.3.2)
  • 08b92fd (Aug 3, 2019; included in v0.2.3)

Severity

Low

CVE ID

CVE-2019-14378

Weaknesses

No CWEs