CVE-2020-1983

Description

A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.

Affected packages (3)

• Debian/libslirpfrom 0, < 4.2.0-2
• Debian/qemufrom 0, < 1:4.1-2
• Debian/slirp4netnsfrom 0, < 1.0.1-1

CVSS scores

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2020-1983