ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment. CREATE(Triage):(User=admin) [CVE-2019-14378|https://nvd.nist.gov/vuln/detail/CVE-2019-14378]