ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
The product does not handle or incorrectly handles an exceptional condition.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libslirp | Libslirp_project | 4.0.0 (including) | 4.0.0 (including) |