slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
2020-11-26T20:15:10.800
2024-11-21T05:23:39.427
Modified
CVSSv3.1: 4.3 (MEDIUM)
AV:N/AC:L/Au:S/C:P/I:N/A:N
8.0
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | libslirp_project | libslirp | ≤ 4.3.1 | Yes |
Operating System | debian | debian_linux | 9.0 | Yes |
Operating System | fedoraproject | fedora | 32 | Yes |
Operating System | fedoraproject | fedora | 33 | Yes |