Re: SLiRP: use-afte-free in ip_reass() [CVE-2020-1983]

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SLiRP: use-afte-free in ip_reass() [CVE-2020-1983]

From:	Michael Tokarev
Subject:	Re: SLiRP: use-afte-free in ip_reass() [CVE-2020-1983]
Date:	Tue, 21 Apr 2020 15:56:48 +0300
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0

21.04.2020 13:33, Daniel P. Berrangé wrote:
[]
> Admittedly this may be troublesome for Debian which, AFAICT, does not
> add new packages to pre-existing stable releases. Presumably someone
> can add it to the "backports" release archive if this is too hard to
> get into a stable release ? Failing that, users would have to build
> slirp themselves.

This wont be a problem for Debian really, exactly due to the reason you
mentioned - backports.  I'm backporting libslirp and current qemu right
now.

Thanks!

/mjt

[Prev in Thread]

Current Thread

[Next in Thread]

SLiRP: use-afte-free in ip_reass() [CVE-2020-1983], Philippe Mathieu-Daudé, 2020/04/21
- Re: SLiRP: use-afte-free in ip_reass() [CVE-2020-1983], Marc-André Lureau, 2020/04/21
  - Re: SLiRP: use-afte-free in ip_reass() [CVE-2020-1983], Daniel P . Berrangé, 2020/04/21
    - Re: SLiRP: use-afte-free in ip_reass() [CVE-2020-1983], Michael Tokarev <=
  - Re: SLiRP: use-afte-free in ip_reass() [CVE-2020-1983], Philippe Mathieu-Daudé, 2020/04/21
  - Re: SLiRP: use-afte-free in ip_reass() [CVE-2020-1983], Peter Maydell, 2020/04/21

Prev by Date: Re: [PATCH v3 03/10] iotests/283: make executable
Next by Date: Re: [PATCH 7/7] block: apply COR-filter to block-stream jobs
Previous by thread: Re: SLiRP: use-afte-free in ip_reass() [CVE-2020-1983]
Next by thread: Re: SLiRP: use-afte-free in ip_reass() [CVE-2020-1983]
Index(es):
- Date
- Thread