Launchpad.net

CVE 2019-14378

ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.

See the CVE page on Mitre.org for more details.