what you don't know can hurt you
Showing 1 - 18 of 18 RSS Feed

CVE-2020-7039

Status Candidate

Overview

tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.

Related Files

Ubuntu Security Notice USN-4632-1
Posted Nov 12, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4632-1 - It was discovered that the SLiRP networking implementation of the QEMU emulator did not properly manage memory under certain circumstances. An attacker could use this to cause a heap-based buffer overflow or other out- of-bounds access, which can lead to a denial of service or potentially execute arbitrary code. It was discovered that the SLiRP networking implementation of the QEMU emulator misuses snprintf return values. An attacker could use this to cause a denial of service or potentially execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-7039, CVE-2020-8608
MD5 | 4a371d27b914f9fc59555d745600a57f
Red Hat Security Advisory 2020-2730-01
Posted Jun 24, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2730-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-7039, CVE-2020-8608
MD5 | dc6dfdf4cb611202eb0aed051ecde219
Red Hat Security Advisory 2020-2342-01
Posted Jun 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2342-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow and out of bounds access vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-14378, CVE-2020-7039, CVE-2020-8608
MD5 | eee46e1ea242a66b68a9747fa2280480
Gentoo Linux Security Advisory 202005-02
Posted May 13, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202005-2 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 4.2.0-r5 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-11102, CVE-2020-1711, CVE-2020-7039
MD5 | a6202bd4daf407d7e3b9b9551adf3b24
Red Hat Security Advisory 2020-1358-01
Posted Apr 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1358-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039
MD5 | e7c43f8e97219ff152c4eee449e9fa8f
Red Hat Security Advisory 2020-1360-01
Posted Apr 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1360-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-7039
MD5 | 6e89fff283ae7e5823d8decff23706d1
Red Hat Security Advisory 2020-1352-01
Posted Apr 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1352-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039, CVE-2020-8608
MD5 | 61b80d28d8bfedb474944ca7f224a2d1
Red Hat Security Advisory 2020-1351-01
Posted Apr 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1351-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-7039, CVE-2020-8608
MD5 | 6cc0b8110b2a9e604a768f9dbe0f9193
Red Hat Security Advisory 2020-1344-01
Posted Apr 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1344-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-7039
MD5 | 14afbbc1edfa17c9e66f4bcff9aafcdd
Red Hat Security Advisory 2020-1300-01
Posted Apr 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1300-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039, CVE-2020-8608
MD5 | 8dc55c2d6faa0fc31c0edb3e93b6c95b
Red Hat Security Advisory 2020-1296-01
Posted Apr 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1296-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039
MD5 | ec4aeaf9c9e35d0d2cc97de33e3cb51e
Red Hat Security Advisory 2020-1261-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1261-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-7039, CVE-2020-8608
MD5 | d06a5925bae0f791aa43cc3fc109f557
Red Hat Security Advisory 2020-1150-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1150-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039
MD5 | f88f15964da2655179ec8e0d234aec24
Red Hat Security Advisory 2020-1116-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1116-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-7039
MD5 | ed845fb716358ab6921de9005adf3a7d
Red Hat Security Advisory 2020-0889-01
Posted Mar 18, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0889-01 - The slirp4netns package contains user-mode networking for unprivileged network namespaces. It is required to enable networking for rootless containers. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-14378, CVE-2019-15890, CVE-2020-7039, CVE-2020-8608
MD5 | e729c7c5549f1baa53123e88c9850236
Red Hat Security Advisory 2020-0775-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0775-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include buffer overflow and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-14378, CVE-2019-15890, CVE-2020-7039
MD5 | 13db1540e0b00ac4cc27fb38e60ef4d1
Red Hat Security Advisory 2020-0348-01
Posted Feb 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0348-01 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-7039
MD5 | 24aa6fe4a060e720c16a7b7de4ff6ce3
Debian Security Advisory 4616-1
Posted Feb 3, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4616-1 - Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-15890, CVE-2020-1711, CVE-2020-7039
MD5 | 64e17dfa20a0581f372e17439d45132b
Page 1 of 1
Back1Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    10 Files
  • 22
    Jan 22nd
    16 Files
  • 23
    Jan 23rd
    1 Files
  • 24
    Jan 24th
    1 Files
  • 25
    Jan 25th
    36 Files
  • 26
    Jan 26th
    26 Files
  • 27
    Jan 27th
    28 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close