Summary: | <app-emulation/qemu-3.1.0-r4: Slirp: information leakage in tcp_emu() due to uninitialized stack | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | tamiko, virtualization |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.openwall.com/lists/oss-security/2019/03/18/1 | ||
Whiteboard: | B4 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 681850 |
Description
Agostino Sarubbo
2019-03-18 07:39:45 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6fec2a540ce3e7cbd378287ee2837aeba6406eaf commit 6fec2a540ce3e7cbd378287ee2837aeba6406eaf Author: Matthias Maier <tamiko@gentoo.org> AuthorDate: 2019-04-08 02:26:43 +0000 Commit: Matthias Maier <tamiko@gentoo.org> CommitDate: 2019-04-08 02:51:08 +0000 app-emulation/qemu: multiple security fixes for 3.1.0 CVE-2018-20815 CVE-2019-9824 Bug: https://bugs.gentoo.org/681850 Bug: https://bugs.gentoo.org/680834 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: Matthias Maier <tamiko@gentoo.org> app-emulation/qemu/Manifest | 1 + app-emulation/qemu/qemu-3.1.0-r4.ebuild | 6 ++---- 2 files changed, 3 insertions(+), 4 deletions(-) This issue was resolved and addressed in GLSA 201904-25 at https://security.gentoo.org/glsa/201904-25 by GLSA coordinator Aaron Bauman (b-man). |