vulnerability
Red Hat OpenShift: CVE-2020-8608: QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | 2020-02-06 | 2020-12-29 | 2025-04-11 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
2020-02-06
Added
2020-12-29
Modified
2025-04-11
Description
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
Solution(s)
linuxrpm-upgrade-atomic-enterprise-service-cataloglinuxrpm-upgrade-atomic-openshift-service-idlerlinuxrpm-upgrade-cri-olinuxrpm-upgrade-cri-toolslinuxrpm-upgrade-dracutlinuxrpm-upgrade-jenkinslinuxrpm-upgrade-jenkins-2-pluginslinuxrpm-upgrade-machine-config-daemonlinuxrpm-upgrade-openshiftlinuxrpm-upgrade-openshift-ansiblelinuxrpm-upgrade-openshift-clientslinuxrpm-upgrade-openshift-kuryrlinuxrpm-upgrade-slirp4netnslinuxrpm-upgrade-toolbox
References
- CVE-2020-8608
- https://attackerkb.com/topics/CVE-2020-8608
- REDHAT-RHSA-2020:0889
- REDHAT-RHSA-2020:1208
- REDHAT-RHSA-2020:1209
- REDHAT-RHSA-2020:1261
- REDHAT-RHSA-2020:1292
- REDHAT-RHSA-2020:1300
- REDHAT-RHSA-2020:1351
- REDHAT-RHSA-2020:1352
- REDHAT-RHSA-2020:1379
- REDHAT-RHSA-2020:1403
- REDHAT-RHSA-2020:2342
- REDHAT-RHSA-2020:2730
- REDHAT-RHSA-2020:2773
- REDHAT-RHSA-2020:2774
- REDHAT-RHSA-2020:2844
- REDHAT-RHSA-2020:3040
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.