Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 731988 - <net-libs/libslirp-4.3.1: Information disclosure via crafted ipv6 packets (CVE-2020-10756)
Summary: <net-libs/libslirp-4.3.1: Information disclosure via crafted ipv6 packets (CV...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: ~4 [noglsa cve]
Keywords:
Depends on:
Blocks: CVE-2020-10756
  Show dependency tree
 
Reported: 2020-07-09 21:42 UTC by John Helmert III
Modified: 2020-07-09 22:05 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2020-07-09 21:42:44 UTC 
CVE-2020-10756:

An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious guest to leak the contents of the host memory, resulting in possible information disclosure. This flaw affects versions of libslirp before 4.3.1.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2020-07-09 21:43:28 UTC 
Maintainer, please cleanup <4.3.1.
Comment 2 Larry the Git Cow gentoo-dev 2020-07-09 21:57:44 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7fdb9c3ae9a5af18bd2d5402e1c6c86c38d57333

commit 7fdb9c3ae9a5af18bd2d5402e1c6c86c38d57333
Author:     Zac Medico <zmedico@gentoo.org>
AuthorDate: 2020-07-09 21:56:50 +0000
Commit:     Zac Medico <zmedico@gentoo.org>
CommitDate: 2020-07-09 21:57:10 +0000

    net-libs/libslirp: Remove vulnerable <4.3.1
    
    Bug: https://bugs.gentoo.org/731988
    Package-Manager: Portage-2.3.103, Repoman-2.3.23
    Signed-off-by: Zac Medico <zmedico@gentoo.org>

 net-libs/libslirp/Manifest              |  1 -
 net-libs/libslirp/libslirp-4.3.0.ebuild | 26 --------------------------
 2 files changed, 27 deletions(-)
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2020-07-09 22:03:57 UTC 
Wow, that was quick. Thanks Zac!