CVE-2021-3592 - log back

CVE-2021-3592 edited at 22 Jun 2021 08:54:46
Description
- An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. This flaw affects libslirp versions prior to 4.6.0.
+ An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU before version 4.6.0. The flaw exists in the bootp_input() function and could occur while processing a UDP packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host.
CVE-2021-3592 edited at 15 Jun 2021 21:47:54
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Information disclosure
Description
+ An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. This flaw affects libslirp versions prior to 4.6.0.
References
+ https://bugzilla.redhat.com/show_bug.cgi?id=1970484
+ https://gitlab.freedesktop.org/slirp/libslirp/-/issues/44
+ https://gitlab.freedesktop.org/slirp/libslirp/-/commit/93e645e72a056ec0b2c16e0299fc5c6b94e4ca17
+ https://gitlab.freedesktop.org/slirp/libslirp/-/commit/f13cad45b25d92760bb0ad67bec0300a4d7d5275
+ https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2eca0838eee1da96204545e22cdaed860d9d7c6c
Notes
CVE-2021-3592 created at 15 Jun 2021 21:45:50