PT-2021-7993 · Libslirp+9 · Libslirp+9

Mauro Matteo Cascella

·

Published

2021-06-04

·

Updated

2023-03-15

·

CVE-2021-3595

CVSS v3.1

3.8

Low

VectorAV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions libslirp versions prior to 4.6.0
Description The issue is related to an invalid pointer initialization in the SLiRP networking implementation, specifically in the tftp input() function. This flaw can occur when processing a UDP packet smaller than the size of the tftp t structure, potentially leading to out-of-bounds read access or indirect host memory disclosure to the guest. The primary threat is to data confidentiality.
Recommendations For libslirp versions prior to 4.6.0, update to version 4.6.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the tftp input() function to minimize the risk of exploitation.

Fix

Access of Uninitialized Pointer

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-824

Related Identifiers

ALSA-2021:4191
ALT-PU-2021-2279
ALT-PU-2022-3194
BDU:2024-01497
CESA-2021_4191
CVE-2021-3595
DLA-2753-1
DLA-3362-1
MGASA-2021-0480
OESA-2021-1411
OPENSUSE-SU-2021:1202-1
OPENSUSE-SU-2021:2474-1
OPENSUSE-SU-2021:2591-1
OPENSUSE-SU-2021_1202-1
OPENSUSE-SU-2021_2474-1
OPENSUSE-SU-2021_2591-1
OPENSUSE-SU-2022_1314-1
OPENSUSE-SU-2022_1465-1
OPENSUSE-SU-2022_1730-1
RHSA-2021:4191
RHSA-2021_4191
RLSA-2021:4191
SUSE-SU-2021:14848-1
SUSE-SU-2021:2428-1
SUSE-SU-2021:2448-1
SUSE-SU-2021:2461-1
SUSE-SU-2021:2474-1
SUSE-SU-2021:2546-1
SUSE-SU-2021:2563-1
SUSE-SU-2021:2591-1
SUSE-SU-2021:2924-1
SUSE-SU-2021:2955-1
SUSE-SU-2021:2957-1
SUSE-SU-2021:3322-1
SUSE-SU-2021_14848-1
SUSE-SU-2022:1465-1
SUSE-SU-2022:1730-1
USN-5009-1
USN-5009-2
USN-5010-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu
Libslirp