slirp: update to fix CVE-2020-29129 CVE-2020-29130
An out-of-bounds access issue was found in the SLIRP user networking implementation of QEMU. It could occur while processing ARP/NCSI packets, if the packet length was shorter than required to accommodate respective protocol headers and payload. A privileged guest user may use this flaw to potentially leak host information bytes. Marc-André Lureau (1): Merge branch 'stable-4.2' into 'stable-4.2' Prasad J Pandit (1): slirp: check pkt_len before reading protocol header Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
This commit is contained in:
parent
ea8208249d
commit
37c0c885d1
2
slirp
2
slirp
@ -1 +1 @@
|
|||||||
Subproject commit ce94eba2042d52a0ba3d9e252ebce86715e94275
|
Subproject commit 8f43a99191afb47ca3f3c6972f6306209f367ece
|
Loading…
Reference in New Issue
Block a user