From 37c0c885d19a4c2d69faed891b5c02aaffbdccfb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= Date: Fri, 27 Nov 2020 20:57:07 +0400 Subject: [PATCH] slirp: update to fix CVE-2020-29129 CVE-2020-29130 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit An out-of-bounds access issue was found in the SLIRP user networking implementation of QEMU. It could occur while processing ARP/NCSI packets, if the packet length was shorter than required to accommodate respective protocol headers and payload. A privileged guest user may use this flaw to potentially leak host information bytes. Marc-André Lureau (1): Merge branch 'stable-4.2' into 'stable-4.2' Prasad J Pandit (1): slirp: check pkt_len before reading protocol header Signed-off-by: Marc-André Lureau --- slirp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/slirp b/slirp index ce94eba204..8f43a99191 160000 --- a/slirp +++ b/slirp @@ -1 +1 @@ -Subproject commit ce94eba2042d52a0ba3d9e252ebce86715e94275 +Subproject commit 8f43a99191afb47ca3f3c6972f6306209f367ece