aboutsummaryrefslogtreecommitdiff
path: root/slirp/socket.c
diff options
context:
space:
mode:
authorMarc-André Lureau <marcandre.lureau@redhat.com>2020-11-27 20:57:07 +0400
committerMarc-André Lureau <marcandre.lureau@redhat.com>2020-11-27 20:57:11 +0400
commit37c0c885d19a4c2d69faed891b5c02aaffbdccfb (patch)
treedbc063a4ec7f1f4636dd807629de6d5157569b57 /slirp/socket.c
parentea8208249d1082eae0444934efb3b59cd3183f05 (diff)
downloadqemu-arm-37c0c885d19a4c2d69faed891b5c02aaffbdccfb.tar.gz
slirp: update to fix CVE-2020-29129 CVE-2020-29130
An out-of-bounds access issue was found in the SLIRP user networking implementation of QEMU. It could occur while processing ARP/NCSI packets, if the packet length was shorter than required to accommodate respective protocol headers and payload. A privileged guest user may use this flaw to potentially leak host information bytes. Marc-André Lureau (1): Merge branch 'stable-4.2' into 'stable-4.2' Prasad J Pandit (1): slirp: check pkt_len before reading protocol header Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Diffstat (limited to 'slirp/socket.c')
m---------slirp0
1 files changed, 0 insertions, 0 deletions
diff --git a/slirp b/slirp
-Subproject ce94eba2042d52a0ba3d9e252ebce86715e9427
+Subproject 8f43a99191afb47ca3f3c6972f6306209f367ec