CVE-2021-3592
LOWlibslirp < 4.6.0 - Uninitialized Pointer Access in bootp_input Function
Title source: llmDescription
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.
References (8)
Core 8
Core References
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/
Mailing List, Third Party Advisory vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202107-44
Mailing List, Third Party Advisory mailing-list
https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html
Third Party Advisory mailing-list
https://lists.debian.org/debian-lts-announce/2021/09/msg00004.html
Mailing List mailing-list
https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html
Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1970484
Third Party Advisory
https://security.netapp.com/advisory/ntap-20210805-0004/
Scores
CVSS v3
3.8
EPSS
0.0033
EPSS Percentile
24.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Details
CWE
CWE-824
Status
published
Products (5)
debian/debian_linux
9.0
fedoraproject/fedora
33
fedoraproject/fedora
34
libslirp_project/libslirp
< 4.6.0
redhat/enterprise_linux
8.0 (2 CPE variants)
Published
Jun 15, 2021
Tracked Since
Feb 18, 2026