{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-02-09T23:06:12", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"}, {"tags": ["x_refsource_MISC"], "url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"}, {"tags": ["x_refsource_MISC"], "url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"}, {"name": "USN-4283-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4283-1/"}, {"name": "[debian-lts-announce] 20200313 [SECURITY] [DLA 2142-1] slirp security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"}, {"name": "[debian-lts-announce] 20200316 [SECURITY] [DLA 2144-1] qemu security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"}, {"name": "GLSA-202003-66", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202003-66"}, {"name": "openSUSE-SU-2020:0468", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"}, {"name": "DSA-4733", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2020/dsa-4733"}, {"name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20201001-0002/"}, {"name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-8608", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843", "refsource": "MISC", "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"}, {"name": "https://www.openwall.com/lists/oss-security/2020/02/06/2", "refsource": "MISC", "url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"}, {"name": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0", "refsource": "MISC", "url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"}, {"name": "USN-4283-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4283-1/"}, {"name": "[debian-lts-announce] 20200313 [SECURITY] [DLA 2142-1] slirp security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"}, {"name": "[debian-lts-announce] 20200316 [SECURITY] [DLA 2144-1] qemu security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"}, {"name": "GLSA-202003-66", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-66"}, {"name": "openSUSE-SU-2020:0468", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"}, {"name": "DSA-4733", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2020/dsa-4733"}, {"name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"}, {"name": "https://security.netapp.com/advisory/ntap-20201001-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20201001-0002/"}, {"name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:03:46.311Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"}, {"name": "USN-4283-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4283-1/"}, {"name": "[debian-lts-announce] 20200313 [SECURITY] [DLA 2142-1] slirp security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"}, {"name": "[debian-lts-announce] 20200316 [SECURITY] [DLA 2144-1] qemu security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"}, {"name": "GLSA-202003-66", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202003-66"}, {"name": "openSUSE-SU-2020:0468", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"}, {"name": "DSA-4733", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2020/dsa-4733"}, {"name": "[debian-lts-announce] 20200726 [SECURITY] [DLA 2288-1] qemu security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20201001-0002/"}, {"name": "[debian-lts-announce] 20210209 [SECURITY] [DLA 2551-1] slirp security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-8608", "datePublished": "2020-02-06T16:45:25", "dateReserved": "2020-02-04T00:00:00", "dateUpdated": "2024-08-04T10:03:46.311Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libslirp_project:libslirp:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3679E165-A6B7-41B5-AC02-F38A00DAFD78", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code."}, {"lang": "es", "value": "En libslirp versi\u00f3n 4.1.0, como es usado en QEMU versi\u00f3n 4.2.0, el archivo tcp_subr.c utiliza inapropiadamente los valores de retorno de snprintf, lo que conlleva a un desbordamiento del b\u00fafer en el c\u00f3digo posterior."}], "id": "CVE-2020-8608", "lastModified": "2021-02-14T03:50:32.037", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-02-06T17:15:14.723", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00007.html"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://gitlab.freedesktop.org/slirp/libslirp/-/tags/v4.1.0"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00015.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00017.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00012.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202003-66"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20201001-0002/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4283-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2020/dsa-4733"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2020/02/06/2"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Laszlo Ersek (redhat.com) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2020:1261", "cpe": "cpe:/a:redhat:advanced_virtualization:8.1::el8", "package": "virt:8.1-8010120200304224358.5db1954d", "product_name": "Advanced Virtualization for RHEL 8.1.1", "release_date": "2020-04-01T00:00:00Z"}, {"advisory": "RHSA-2020:1261", "cpe": "cpe:/a:redhat:advanced_virtualization:8.1::el8", "package": "virt-devel:8.1-8010120200304224358.5db1954d", "product_name": "Advanced Virtualization for RHEL 8.1.1", "release_date": "2020-04-01T00:00:00Z"}, {"advisory": "RHSA-2020:1403", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "qemu-kvm-2:0.12.1.2-2.506.el6_10.7", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2020-04-08T00:00:00Z"}, {"advisory": "RHSA-2020:1208", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "qemu-kvm-10:1.5.3-173.el7_8.1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-03-31T00:00:00Z"}, {"advisory": "RHSA-2020:1209", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "qemu-kvm-ma-10:2.12.0-44.el7_8.1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-03-31T00:00:00Z"}, {"advisory": "RHSA-2020:2844", "cpe": "cpe:/o:redhat:rhel_eus:7.6", "package": "qemu-kvm-10:1.5.3-160.el7_6.7", "product_name": "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date": "2020-07-07T00:00:00Z"}, {"advisory": "RHSA-2020:1351", "cpe": "cpe:/o:redhat:rhel_eus:7.7", "package": "qemu-kvm-10:1.5.3-167.el7_7.6", "product_name": "Red Hat Enterprise Linux 7.7 Extended Update Support", "release_date": "2020-04-07T00:00:00Z"}, {"advisory": "RHSA-2020:1352", "cpe": "cpe:/o:redhat:rhel_eus:7.7", "package": "qemu-kvm-ma-10:2.12.0-33.el7_7.3", "product_name": "Red Hat Enterprise Linux 7.7 Extended Update Support", "release_date": "2020-04-07T00:00:00Z"}, {"advisory": "RHSA-2020:0889", "cpe": "cpe:/a:redhat:rhel_extras_other:7", "package": "slirp4netns-0:0.3.0-8.el7_7", "product_name": "Red Hat Enterprise Linux 7 Extras", "release_date": "2020-03-17T00:00:00Z"}, {"advisory": "RHSA-2020:1379", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "container-tools:rhel8-8010120200326094405.f8993c42", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-04-07T00:00:00Z"}, {"advisory": "RHSA-2020:2774", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "virt-devel:rhel-8020020200601195459.4cda2c84", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-06-30T00:00:00Z"}, {"advisory": "RHSA-2020:2774", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "virt:rhel-8020020200601195459.4cda2c84", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-06-30T00:00:00Z"}, {"advisory": "RHSA-2020:3040", "cpe": "cpe:/a:redhat:rhel_e4s:8.0", "package": "virt:rhel-8000020200526192422.f8e95b4e", "product_name": "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date": "2020-07-21T00:00:00Z"}, {"advisory": "RHSA-2020:2773", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "virt-devel:rhel-8010020200526033036.c27ad7f8", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2020-06-30T00:00:00Z"}, {"advisory": "RHSA-2020:2773", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "virt:rhel-8010020200526033036.c27ad7f8", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2020-06-30T00:00:00Z"}, {"advisory": "RHBA-2020:0527", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "atomic-enterprise-service-catalog-1:4.3.3-202002170501.git.1.f30799e.el7", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHBA-2020:0527", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "atomic-openshift-service-idler-0:4.3.3-202002170501.git.1.4feff9c.el7", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHBA-2020:0527", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "cri-o-0:1.16.3-20.dev.rhaos4.3.git11c04e3.el7", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHBA-2020:0527", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "cri-tools-0:1.17.0-1.el8", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHBA-2020:0527", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "dracut-0:049-64.git20200123.el8", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHBA-2020:0527", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "jenkins-0:2.204.1.1581950993-1.el7", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHBA-2020:0527", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "jenkins-2-plugins-0:4.3.1581956184-1.el7", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHBA-2020:0527", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "machine-config-daemon-0:4.3.3-202002170501.git.1.6b1b155.el8", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHBA-2020:0527", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "openshift-0:4.3.3-202002140552.git.0.e38059c.el8", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHBA-2020:0527", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "openshift-ansible-0:4.3.3-202002142331.git.173.bb0b5a1.el7", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHBA-2020:0527", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "openshift-clients-0:4.3.3-202002140552.git.1.ff73b47.el7", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHBA-2020:0527", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "openshift-kuryr-0:4.3.3-202002170501.git.1.3b8b4cc.el8", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHBA-2020:0527", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "slirp4netns-0:0.4.2-4.git21fdece.el8", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHBA-2020:0527", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "toolbox-0:0.0.6-1.rhaos4.3.el8", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHSA-2020:1300", "cpe": "cpe:/a:redhat:openstack:10::el7", "impact": "moderate", "package": "qemu-kvm-rhev-10:2.12.0-33.el7_7.10", "product_name": "Red Hat OpenStack Platform 10.0 (Newton)", "release_date": "2020-04-02T00:00:00Z"}, {"advisory": "RHSA-2020:2730", "cpe": "cpe:/a:redhat:openstack:13::el7", "impact": "moderate", "package": "qemu-kvm-rhev-10:2.12.0-44.el7_8.1", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2020-06-24T00:00:00Z"}, {"advisory": "RHSA-2020:2730", "cpe": "cpe:/a:redhat:openstack:13::el7", "impact": "moderate", "package": "qemu-kvm-rhev-10:2.12.0-18.el7_6.11", "product_name": "Red Hat OpenStack Platform 13.0 (Queens) for RHEL 7.6 EUS", "release_date": "2020-06-24T00:00:00Z"}, {"advisory": "RHSA-2020:1292", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "qemu-kvm-rhev-10:2.12.0-44.el7_8.1", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2020-04-02T00:00:00Z"}, {"advisory": "RHSA-2020:2342", "cpe": "cpe:/a:redhat:rhev_manager:4.2", "package": "qemu-kvm-rhev-10:2.12.0-18.el7_6.11", "product_name": "Red Hat Virtualization Engine 4.2", "release_date": "2020-06-01T00:00:00Z"}, {"advisory": "RHSA-2020:1292", "cpe": "cpe:/a:redhat:rhev_manager:4.3", "package": "qemu-kvm-rhev-10:2.12.0-44.el7_8.1", "product_name": "Red Hat Virtualization Engine 4.3", "release_date": "2020-04-02T00:00:00Z"}], "bugzilla": {"description": "QEMU: Slirp: potential OOB access due to unsafe snprintf() usages", "id": "1798453", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798453"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.6", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "status": "verified"}, "cwe": "CWE-122", "details": ["In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.", "An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcp_emu() routine while emulating IRC and other protocols due to unsafe usage of the snprintf(3) function. A user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host."], "mitigation": {"lang": "en:us", "value": "This issue can only be resolved by applying updates.\nMitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2020-8608", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "kvm", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "xen", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "container-tools:1.0/slirp4netns", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "container-tools:2.0/slirp4netns", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:advanced_virtualization:8::el8", "fix_state": "Affected", "package_name": "qemu-kvm", "product_name": "Red Hat Enterprise Linux 8 Advanced Virtualization"}], "public_date": "2020-01-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-8608\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-8608"], "statement": "This issue affects user-mode or SLiRP networking implementation of the QEMU emulator. Though qemu-kvm package is built with SLiRP networking support, due to its limitations, it is not used by the virtual machine guests by default.\nThis issue affects versions of the qemu-kvm package as shipped with Red Hat Enterprise Linux 5, 6, 7, 8 and Red Hat Enterprise Linux Advanced Virtualization 8. Future qemu-kvm package updates for Red Hat Enterprise Linux 6, 7, 8 and Red Hat Enterprise Linux Advanced Virtualization 8 may address this issue.\nRed Hat Enterprise Linux 5 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This issue is currently not planned to be addressed in its future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\nRed Hat OpenStack Platform: \nThis flaw impacts KVM user-mode or SLIRP networking, which is not used in Red Hat OpenStack Platform. Although updating is recommended for affected versions (see below), Red Hat OpenStack Platform environments are not vulnerable.", "threat_severity": "Important", "upstream_fix": "libslirp 4.3.0"}