{"id":"CVE-2019-15890","details":"libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.","modified":"2026-04-10T04:15:49.288648Z","published":"2019-09-06T17:15:11.697Z","related":["ALSA-2020:4676","SUSE-SU-2019:14199-1","SUSE-SU-2019:14201-1","SUSE-SU-2019:2753-1","SUSE-SU-2019:2769-1","SUSE-SU-2019:2783-1","SUSE-SU-2019:2955-1","SUSE-SU-2020:0388-1","SUSE-SU-2020:14396-1","SUSE-SU-2020:1514-1","SUSE-SU-2020:1526-1","SUSE-SU-2020:1538-1","SUSE-SU-2021:14706-1","SUSE-SU-2021:1829-1","SUSE-SU-2021:1837-1","SUSE-SU-2021:1893-1","SUSE-SU-2021:1894-1","SUSE-SU-2021:1895-1","SUSE-SU-2021:1918-1","SUSE-SU-2021:1942-1","SUSE-SU-2021:1947-1","openSUSE-SU-2019:2510-1","openSUSE-SU-2021:1043-1","openSUSE-SU-2021:1942-1","openSUSE-SU-2024:11287-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html"},{"type":"WEB","url":"https://usn.ubuntu.com/4191-1/"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html"},{"type":"WEB","url":"https://seclists.org/bugtraq/2020/Feb/0"},{"type":"WEB","url":"https://usn.ubuntu.com/4191-2/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2020/dsa-4616"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:0775"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2019/09/06/3"},{"type":"FIX","url":"https://gitlab.freedesktop.org/slirp/libslirp/commit/c5927943"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/qemu/qemu","events":[{"introduced":"0"},{"last_affected":"131b9a05705636086699df15d4a6d328bb2585e8"},{"introduced":"0"},{"last_affected":"9e06029aea3b2eca1d5261352e695edc1e7d7b8b"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.0.0-NA"},{"introduced":"0"},{"last_affected":"4.1.0"}]}},{"type":"GIT","repo":"https://gitlab.freedesktop.org/slirp/libslirp","events":[{"introduced":"0"},{"fixed":"c5927943"}]}],"versions":["v0.1.0","v0.1.1","v0.1.3","v0.1.4","v0.1.5","v0.1.6","v0.11.0-rc0","v0.12.0-rc0","v0.13.0-rc0","v0.14.0-rc0","v0.2.0","v0.3.0","v0.4.0","v0.4.1","v0.4.2","v0.4.3","v0.4.4","v0.5.0","v1.0","v1.0-rc0","v1.0-rc1","v1.0-rc2","v1.0-rc3","v1.0-rc4","v1.1-rc0","v1.1-rc1","v1.1-rc2","v1.1.0","v1.1.0-rc2","v1.1.0-rc3","v1.1.0-rc4","v1.2.0","v1.2.0-rc0","v1.2.0-rc1","v1.2.0-rc2","v1.2.0-rc3","v1.3.0","v1.3.0-rc0","v1.3.0-rc1","v1.3.0-rc2","v1.4.0","v1.4.0-rc0","v1.4.0-rc1","v1.4.0-rc2","v1.5.0","v1.5.0-rc0","v1.5.0-rc1","v1.5.0-rc2","v1.5.0-rc3","v1.6.0","v1.6.0-rc0","v1.6.0-rc1","v1.6.0-rc2","v1.6.0-rc3","v1.7.0","v1.7.0-rc0","v1.7.0-rc1","v1.7.0-rc2","v2.0.0","v2.0.0-rc0","v2.0.0-rc1","v2.0.0-rc2","v2.0.0-rc3","v2.1.0","v2.1.0-rc0","v2.1.0-rc1","v2.1.0-rc2","v2.1.0-rc3","v2.1.0-rc4","v2.1.0-rc5","v2.10.0","v2.10.0-rc0","v2.10.0-rc1","v2.10.0-rc2","v2.10.0-rc3","v2.10.0-rc4","v2.11.0","v2.11.0-rc0","v2.11.0-rc1","v2.11.0-rc2","v2.11.0-rc3","v2.11.0-rc4","v2.11.0-rc5","v2.12.0","v2.12.0-rc0","v2.12.0-rc1","v2.12.0-rc2","v2.12.0-rc3","v2.12.0-rc4","v2.2.0","v2.2.0-rc0","v2.2.0-rc1","v2.2.0-rc2","v2.2.0-rc3","v2.2.0-rc4","v2.2.0-rc5","v2.3.0","v2.3.0-rc0","v2.3.0-rc1","v2.3.0-rc2","v2.3.0-rc3","v2.3.0-rc4","v2.4.0","v2.4.0-rc0","v2.4.0-rc1","v2.4.0-rc2","v2.4.0-rc3","v2.4.0-rc4","v2.5.0","v2.5.0-rc0","v2.5.0-rc1","v2.5.0-rc2","v2.5.0-rc3","v2.5.0-rc4","v2.6.0","v2.6.0-rc0","v2.6.0-rc1","v2.6.0-rc2","v2.6.0-rc3","v2.6.0-rc4","v2.6.0-rc5","v2.7.0","v2.7.0-rc0","v2.7.0-rc1","v2.7.0-rc2","v2.7.0-rc3","v2.7.0-rc4","v2.7.0-rc5","v2.8.0","v2.8.0-rc0","v2.8.0-rc1","v2.8.0-rc2","v2.8.0-rc3","v2.8.0-rc4","v2.9.0","v2.9.0-rc0","v2.9.0-rc1","v2.9.0-rc2","v2.9.0-rc3","v2.9.0-rc4","v2.9.0-rc5","v3.0.0","v3.0.0-rc0","v3.0.0-rc1","v3.0.0-rc2","v3.0.0-rc3","v3.0.0-rc4","v3.1.0","v3.1.0-rc0","v3.1.0-rc1","v3.1.0-rc2","v3.1.0-rc3","v3.1.0-rc4","v3.1.0-rc5","v4.0.0","v4.0.0-rc0","v4.0.0-rc1","v4.0.0-rc2","v4.0.0-rc3","v4.0.0-rc4","v4.1.0","v4.1.0-rc0","v4.1.0-rc1","v4.1.0-rc2","v4.1.0-rc3","v4.1.0-rc4","v4.1.0-rc5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-15890.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}