Skip to main content

Libslirp CVE-2021-3593

LOW
Access of Uninitialized Pointer (CWE-824)
2021-06-15 secalert@redhat.com
3.8
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
3.8 LOW
AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Jun 15, 2021 - 21:15 nvd
LOW 3.8

DescriptionNVD

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.

AnalysisAI

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-824. An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0. Affected products include: Libslirp Project Libslirp, Redhat Enterprise Linux, Fedoraproject Fedora, Debian Debian Linux. Version information: prior to 4.6.0..

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2020-1983 MEDIUM POC
6.5 Apr 22

A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets t

CVE-2019-14378 HIGH POC
8.8 Jul 29

ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a cas

CVE-2020-29130 MEDIUM POC
4.3 Nov 26

slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even i

CVE-2020-7211 HIGH
7.5 Jan 21

tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows. Rated high severit

CVE-2019-15890 HIGH
7.5 Sep 06

libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. Rated high severity (CVSS 7.5), t

CVE-2026-9539 MEDIUM
6.5 Jun 24

Out-of-bounds heap read and integer underflow in libslirp's TCP urgent data handler (sosendoob) exposes gigabytes of hos

CVE-2020-10756 MEDIUM
6.5 Jul 09

An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. Rated medium

CVE-2020-8608 MEDIUM
5.6 Feb 06

In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in lat

CVE-2020-7039 MEDIUM
5.6 Jan 16

tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands i

CVE-2020-29129 MEDIUM
4.3 Nov 26

ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if

CVE-2021-3595 LOW
3.8 Jun 15

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Rated low severity (CV

CVE-2021-3594 LOW
3.8 Jun 15

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Rated low severity (CV

Share

CVE-2021-3593 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy