CVE-2021-3595 - log back

CVE-2021-3595 edited at 22 Jun 2021 08:55:24
Description
- An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. This flaw affects libslirp versions prior to 4.6.0.
+ An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU before version 4.6.0. The flaw exists in the tftp_input() function and could occur while processing a UDP packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest.
CVE-2021-3595 edited at 15 Jun 2021 21:51:47
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Information disclosure
Description
+ An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. This flaw affects libslirp versions prior to 4.6.0.
References
+ https://bugzilla.redhat.com/show_bug.cgi?id=1970489
+ https://gitlab.freedesktop.org/slirp/libslirp/-/issues/46
+ https://gitlab.freedesktop.org/slirp/libslirp/-/commit/93e645e72a056ec0b2c16e0299fc5c6b94e4ca17
+ https://gitlab.freedesktop.org/slirp/libslirp/-/commit/3f17948137155f025f7809fdc38576d5d2451c3d
+ https://gitlab.freedesktop.org/slirp/libslirp/-/commit/990163cf3ac86b7875559f49602c4d76f46f6f30
Notes
CVE-2021-3595 created at 15 Jun 2021 21:45:50