Vulnerability CVE-2021-3595: Information
Description
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.
Severity: LOW (3.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
|---|---|---|---|---|---|---|
| libslirp | sisyphus | 4.6.1-alt1 | 4.7.0-alt1 | ALT-PU-2021-2279-1 | 279793 | Fixed |
| libslirp | sisyphus_riscv64 | 4.6.1-alt1 | 4.7.0-alt1 | ALT-PU-2022-3500-1 | - | Fixed |
| libslirp | p10 | 4.6.1-alt1 | 4.7.0-alt1 | ALT-PU-2021-2279-1 | 279793 | Fixed |
| libslirp | c10f1 | 4.6.1-alt1 | 4.7.0-alt1 | ALT-PU-2021-2279-1 | 279793 | Fixed |
| libslirp | c9f2 | 4.7.0-alt1 | 4.7.0-alt1 | ALT-PU-2022-3194-1 | 309993 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1970489 |
|
| GLSA-202107-44 |
|
| https://security.netapp.com/advisory/ntap-20210805-0004/ |
|
| [debian-lts-announce] 20210902 [SECURITY] [DLA 2753-1] qemu security update |
|
| [debian-lts-announce] 20230314 [SECURITY] [DLA 3362-1] qemu security update | |
| FEDORA-2021-71de23bedd | |
| FEDORA-2021-7cd749f133 |