Bug 27968

Summary:	libslirp security vulnerability CVE-2020-29130
Product:	Mageia	Reporter:	Zombie Ryushu <zombie_ryushu>
Component:	Security	Assignee:	Mageia Bug Squad <bugsquad>
Status:	RESOLVED DUPLICATE	QA Contact:	Sec team <security>
Severity:	normal
Priority:	Normal
Version:	Cauldron
Target Milestone:	---
Hardware:	All
OS:	Linux
URL:	https://nvd.nist.gov/vuln/detail/CVE-2020-29130
Whiteboard:
Source RPM:	libslirp-4.3.1-2.mga8.src.rpm	CVE:	CVE-2020-29130
Status comment:

Description Zombie Ryushu 2020-12-29 07:36:14 CET

slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.

Zombie Ryushu 2020-12-29 07:36:34 CET

Summary: libslirp security vulnerability => libslirp security vulnerability CVE-2020-29130
CVE: (none) => CVE-2020-29130

Comment 1 David Walser 2020-12-29 17:04:35 CET

Already reported and FIXED!!!

*** This bug has been marked as a duplicate of bug 27823 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE