CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
EPSS
Percentile
17.2%
Severity: Medium
Date : 2021-06-22
CVE-ID : CVE-2021-3592 CVE-2021-3593 CVE-2021-3594 CVE-2021-3595
Package : libslirp
Type : information disclosure
Remote : No
Link : https://security.archlinux.org/AVG-2073
The package libslirp before version 4.6.0-1 is vulnerable to
information disclosure.
Upgrade to 4.6.0-1.
The problems have been fixed upstream in version 4.6.0.
None.
An invalid pointer initialization issue was found in the SLiRP
networking implementation of QEMU before version 4.6.0. The flaw exists
in the bootp_input() function and could occur while processing a UDP
packet that is smaller than the size of the ‘bootp_t’ structure. A
malicious guest could use this flaw to leak 10 bytes of uninitialized
heap memory from the host.
An invalid pointer initialization issue was found in the SLiRP
networking implementation of QEMU before version 4.6.0. The flaw exists
in the udp6_input() function and could occur while processing a UDP
packet that is smaller than the size of the ‘udphdr’ structure. This
issue may lead to out-of-bounds read access or indirect host memory
disclosure to the guest.
An invalid pointer initialization issue was found in the SLiRP
networking implementation of QEMU before version 4.6.0. The flaw exists
in the udp_input() function and could occur while processing a UDP
packet that is smaller than the size of the ‘udphdr’ structure. This
issue may lead to out-of-bounds read access or indirect host memory
disclosure to the guest.
An invalid pointer initialization issue was found in the SLiRP
networking implementation of QEMU before version 4.6.0. The flaw exists
in the tftp_input() function and could occur while processing a UDP
packet that is smaller than the size of the ‘tftp_t’ structure. This
issue may lead to out-of-bounds read access or indirect host memory
disclosure to the guest.
A malicious guest could disclose contents of the host’s memory using
crafted UDP packets.
https://bugzilla.redhat.com/show_bug.cgi?id=1970484
https://gitlab.freedesktop.org/slirp/libslirp/-/issues/44
https://gitlab.freedesktop.org/slirp/libslirp/-/commit/93e645e72a056ec0b2c16e0299fc5c6b94e4ca17
https://gitlab.freedesktop.org/slirp/libslirp/-/commit/f13cad45b25d92760bb0ad67bec0300a4d7d5275
https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2eca0838eee1da96204545e22cdaed860d9d7c6c
https://bugzilla.redhat.com/show_bug.cgi?id=1970487
https://gitlab.freedesktop.org/slirp/libslirp/-/issues/45
https://gitlab.freedesktop.org/slirp/libslirp/-/commit/de71c15de66ba9350bf62c45b05f8fbff166517b
https://bugzilla.redhat.com/show_bug.cgi?id=1970491
https://gitlab.freedesktop.org/slirp/libslirp/-/issues/47
https://gitlab.freedesktop.org/slirp/libslirp/-/commit/74572be49247c8c5feae7c6e0b50c4f569ca9824
https://bugzilla.redhat.com/show_bug.cgi?id=1970489
https://gitlab.freedesktop.org/slirp/libslirp/-/issues/46
https://gitlab.freedesktop.org/slirp/libslirp/-/commit/3f17948137155f025f7809fdc38576d5d2451c3d
https://gitlab.freedesktop.org/slirp/libslirp/-/commit/990163cf3ac86b7875559f49602c4d76f46f6f30
https://security.archlinux.org/CVE-2021-3592
https://security.archlinux.org/CVE-2021-3593
https://security.archlinux.org/CVE-2021-3594
https://security.archlinux.org/CVE-2021-3595
bugzilla.redhat.com/show_bug.cgi?id=1970484
bugzilla.redhat.com/show_bug.cgi?id=1970487
bugzilla.redhat.com/show_bug.cgi?id=1970489
bugzilla.redhat.com/show_bug.cgi?id=1970491
gitlab.freedesktop.org/slirp/libslirp/-/commit/2eca0838eee1da96204545e22cdaed860d9d7c6c
gitlab.freedesktop.org/slirp/libslirp/-/commit/3f17948137155f025f7809fdc38576d5d2451c3d
gitlab.freedesktop.org/slirp/libslirp/-/commit/74572be49247c8c5feae7c6e0b50c4f569ca9824
gitlab.freedesktop.org/slirp/libslirp/-/commit/93e645e72a056ec0b2c16e0299fc5c6b94e4ca17
gitlab.freedesktop.org/slirp/libslirp/-/commit/990163cf3ac86b7875559f49602c4d76f46f6f30
gitlab.freedesktop.org/slirp/libslirp/-/commit/de71c15de66ba9350bf62c45b05f8fbff166517b
gitlab.freedesktop.org/slirp/libslirp/-/commit/f13cad45b25d92760bb0ad67bec0300a4d7d5275
gitlab.freedesktop.org/slirp/libslirp/-/issues/44
gitlab.freedesktop.org/slirp/libslirp/-/issues/45
gitlab.freedesktop.org/slirp/libslirp/-/issues/46
gitlab.freedesktop.org/slirp/libslirp/-/issues/47
security.archlinux.org/AVG-2073
security.archlinux.org/CVE-2021-3592
security.archlinux.org/CVE-2021-3593
security.archlinux.org/CVE-2021-3594
security.archlinux.org/CVE-2021-3595
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
EPSS
Percentile
17.2%