[Git][security-tracker-team/security-tracker][master] Add CVE-2020-10756/libslirp

Sun, 07 Jun 2020 00:09:12 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4039dbc8 by Salvatore Bonaccorso at 2020-06-07T09:05:20+02:00
Add CVE-2020-10756/libslirp

The issue consists in libslrip, while processing incoming ICMPv6 echo
requests, not validating the IPv6 payload length (ip->ip_pl) in the
icmp6_send_echoreply() function.

libslirp, qemu and slirp4netns have the problem, but src:slirp is not
added as the vulnerable code is not present. OTOH, qemu and slirp4netns
fortunately already switched to the system library in a more recent
update and so track the switching version instead as fixed (altough not
fully correct, as still unpatched source-wise).

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9048,8 +9048,17 @@ CVE-2020-10757
        RESERVED
        - linux <unfixed>
        NOTE: 
https://git.kernel.org/linus/5bfea2d9b17f1034a68147a8b03b9789af5700f9
-CVE-2020-10756
+CVE-2020-10756 [lirp: networking out-of-bounds read information disclosure 
vulnerability]
        RESERVED
+       - libslirp <unfixed>
+       - qemu 1:4.1-2
+       [buster] - qemu <postponed> (Minor issue)
+       [stretch] - qemu <postponed> (Minor issue)
+       - slirp4netns 1.0.1-1
+       [buster] - slirp4netns <no-dsa> (Minor issue)
+       NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as 
fixed.
+       NOTE: slirp4netns 1.0.1-1 switched to system libslirp, marking that 
version as fixed.
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1835986#c11
 CVE-2020-10755
        RESERVED
        - cinder <unfixed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4039dbc8753b051f252be8382d1cad1bf53789d9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4039dbc8753b051f252be8382d1cad1bf53789d9
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to