Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2019-15890

Use After Free

Published: Sep 06, 2019 | Modified: Nov 21, 2024
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
5.6 MODERATE
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
Ubuntu
LOW
Vulnerability-free packages from our partners
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2019-15890
CWEhttps://cwe.mitre.org/data/definitions/416.html

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.

Weakness

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory “belongs” to the code that operates on the new pointer.

Affected Software

Name Vendor Start Version End Version
Libslirp Libslirp_project 4.0.0 (including) 4.0.0 (including)
Advanced Virtualization for RHEL 8.2.1 RedHat virt:8.2-8020120200707202843.11e3e113 *
Advanced Virtualization for RHEL 8.2.1 RedHat virt-devel:8.2-8020120200707202843.11e3e113 *
Red Hat Enterprise Linux 6 RedHat qemu-kvm-2:0.12.1.2-2.506.el6_10.6 *
Red Hat Enterprise Linux 7 Extras RedHat slirp4netns-0:0.3.0-8.el7_7 *
Red Hat Enterprise Linux 8 RedHat container-tools:rhel8-8010120200116121758.53d07e52 *
Red Hat Enterprise Linux 8 RedHat virt-devel:rhel-8030020200909014558.30b713e6 *
Red Hat Enterprise Linux 8 RedHat virt:rhel-8030020200909014558.30b713e6 *
Android Ubuntu esm-apps/xenial *
Android Ubuntu trusty *
Android Ubuntu xenial *
Basilisk2 Ubuntu bionic *
Basilisk2 Ubuntu disco *
Basilisk2 Ubuntu eoan *
Basilisk2 Ubuntu focal *
Basilisk2 Ubuntu groovy *
Basilisk2 Ubuntu hirsute *
Basilisk2 Ubuntu impish *
Basilisk2 Ubuntu kinetic *
Basilisk2 Ubuntu lunar *
Basilisk2 Ubuntu mantic *
Basilisk2 Ubuntu oracular *
Basilisk2 Ubuntu trusty *
Basilisk2 Ubuntu xenial *
Bochs Ubuntu bionic *
Bochs Ubuntu disco *
Bochs Ubuntu eoan *
Bochs Ubuntu focal *
Bochs Ubuntu groovy *
Bochs Ubuntu hirsute *
Bochs Ubuntu impish *
Bochs Ubuntu kinetic *
Bochs Ubuntu lunar *
Bochs Ubuntu mantic *
Bochs Ubuntu oracular *
Bochs Ubuntu trusty *
Bochs Ubuntu xenial *
Fs-uae Ubuntu bionic *
Fs-uae Ubuntu disco *
Fs-uae Ubuntu eoan *
Fs-uae Ubuntu focal *
Fs-uae Ubuntu groovy *
Fs-uae Ubuntu hirsute *
Fs-uae Ubuntu impish *
Fs-uae Ubuntu kinetic *
Fs-uae Ubuntu lunar *
Fs-uae Ubuntu mantic *
Fs-uae Ubuntu oracular *
Fs-uae Ubuntu trusty *
Fs-uae Ubuntu xenial *
Libslirp Ubuntu trusty *
Ns3 Ubuntu bionic *
Ns3 Ubuntu disco *
Ns3 Ubuntu eoan *
Ns3 Ubuntu focal *
Ns3 Ubuntu groovy *
Ns3 Ubuntu hirsute *
Ns3 Ubuntu impish *
Ns3 Ubuntu kinetic *
Ns3 Ubuntu lunar *
Ns3 Ubuntu mantic *
Ns3 Ubuntu oracular *
Ns3 Ubuntu trusty *
Ns3 Ubuntu xenial *
Qemu Ubuntu bionic *
Qemu Ubuntu devel *
Qemu Ubuntu disco *
Qemu Ubuntu eoan *
Qemu Ubuntu esm-infra-legacy/trusty *
Qemu Ubuntu esm-infra/bionic *
Qemu Ubuntu esm-infra/focal *
Qemu Ubuntu esm-infra/xenial *
Qemu Ubuntu focal *
Qemu Ubuntu groovy *
Qemu Ubuntu hirsute *
Qemu Ubuntu impish *
Qemu Ubuntu jammy *
Qemu Ubuntu kinetic *
Qemu Ubuntu lunar *
Qemu Ubuntu mantic *
Qemu Ubuntu noble *
Qemu Ubuntu oracular *
Qemu Ubuntu plucky *
Qemu Ubuntu questing *
Qemu Ubuntu trusty *
Qemu Ubuntu trusty/esm *
Qemu Ubuntu upstream *
Qemu Ubuntu xenial *
Qemu-kvm Ubuntu precise/esm *
Qemu-kvm-spice Ubuntu trusty *
Qemu-linaro Ubuntu trusty *
Redboot-imx Ubuntu bionic *
Redboot-imx Ubuntu disco *
Redboot-imx Ubuntu eoan *
Redboot-imx Ubuntu trusty *
Redboot-imx Ubuntu xenial *
Slirp Ubuntu bionic *
Slirp Ubuntu disco *
Slirp Ubuntu eoan *
Slirp Ubuntu focal *
Slirp Ubuntu groovy *
Slirp Ubuntu hirsute *
Slirp Ubuntu impish *
Slirp Ubuntu kinetic *
Slirp Ubuntu lunar *
Slirp Ubuntu mantic *
Slirp Ubuntu oracular *
Slirp Ubuntu trusty *
Slirp Ubuntu trusty/esm *
Slirp Ubuntu xenial *
Slirp4netns Ubuntu disco *
Slirp4netns Ubuntu trusty *
Vde2 Ubuntu bionic *
Vde2 Ubuntu disco *
Vde2 Ubuntu eoan *
Vde2 Ubuntu focal *
Vde2 Ubuntu groovy *
Vde2 Ubuntu hirsute *
Vde2 Ubuntu impish *
Vde2 Ubuntu kinetic *
Vde2 Ubuntu lunar *
Vde2 Ubuntu mantic *
Vde2 Ubuntu oracular *
Vde2 Ubuntu trusty *
Vde2 Ubuntu xenial *
Virtualbox Ubuntu bionic *
Virtualbox Ubuntu disco *
Virtualbox Ubuntu eoan *
Virtualbox Ubuntu focal *
Virtualbox Ubuntu groovy *
Virtualbox Ubuntu hirsute *
Virtualbox Ubuntu impish *
Virtualbox Ubuntu kinetic *
Virtualbox Ubuntu lunar *
Virtualbox Ubuntu mantic *
Virtualbox Ubuntu oracular *
Virtualbox Ubuntu trusty *
Virtualbox Ubuntu xenial *
Virtualbox-hwe Ubuntu bionic *
Virtualbox-hwe Ubuntu disco *
Virtualbox-hwe Ubuntu eoan *
Virtualbox-hwe Ubuntu focal *
Virtualbox-hwe Ubuntu groovy *
Virtualbox-hwe Ubuntu hirsute *
Virtualbox-hwe Ubuntu impish *
Virtualbox-hwe Ubuntu kinetic *
Virtualbox-hwe Ubuntu lunar *
Virtualbox-hwe Ubuntu mantic *
Virtualbox-hwe Ubuntu oracular *
Virtualbox-hwe Ubuntu trusty *
Virtualbox-hwe Ubuntu xenial *
Virtualbox-lts-vivid Ubuntu trusty *
Virtualbox-lts-wily Ubuntu trusty *
Virtualbox-lts-xenial Ubuntu trusty *
Xen Ubuntu disco *
Xen Ubuntu eoan *
Xen Ubuntu groovy *
Xen Ubuntu hirsute *
Xen Ubuntu impish *
Xen Ubuntu trusty *
Xen Ubuntu xenial *

Potential Mitigations

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use