Vulnerability CVE-2021-3592

Vulnerability Name:

CVE-2021-3592 (CCN-203761)

Assigned:

2021-06-10

Published:

2021-06-10

Updated:

2023-03-15

Summary:

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.

CVSS v3 Severity:

3.8 Low (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N)
3.3 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

3.8 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N)
3.3 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

3.8 Low (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N)
3.3 Low (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

1.7 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-824

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2021-3592

Source: CCN
Type: Red Hat Bugzilla Bug 1970484
(CVE-2021-3592) - CVE-2021-3592 QEMU: slirp: invalid pointer initialization may lead to information disclosure (bootp)

Source: secalert@redhat.com
Type: Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com

Source: XF
Type: UNKNOWN
qemu-cve20213592-info-disc(203761)

Source: CCN
Type: libslirp GIT Repository
bootp: check bootp_input buffer size

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration CCN 1:

cpe:/a:qemu:qemu:-:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7978	P	texlive-12many-2021.189.0.0.3svn15878-150400.18.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7666	P	libslirp-devel-4.7.0+44-150500.2.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:51952	P	Security update for libX11 (Moderate)	2022-11-15
oval:org.opensuse.security:def:51931	P	Security update for expat (Important)	2022-10-01
oval:org.opensuse.security:def:6115	P	Security update for openvswitch (Moderate) (in QA)	2022-08-24
oval:org.opensuse.security:def:6111	P	Security update for icu (Moderate) (in QA)	2022-08-22
oval:org.opensuse.security:def:95338	P	Security update for git (Important)	2022-07-26
oval:org.opensuse.security:def:3498	P	ghostscript-9.27-23.28.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3755	P	powerpc-utils-1.3.7-5.6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3462	P	ctags-5.8-7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94574	P	gssproxy-0.8.2-3.9.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95128	P	libslirp-devel-4.3.1-150300.2.7.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95332	P	Security update for dpkg (Low) (in QA)	2022-05-27
oval:org.opensuse.security:def:42288	P	Security update for libslirp (Important)	2022-05-18
oval:org.opensuse.security:def:95388	P	Security update for libslirp (Important)	2022-05-18
oval:org.opensuse.security:def:489	P	Security update for libslirp (Important)	2022-05-18
oval:org.opensuse.security:def:42387	P	Security update for libslirp (Important)	2022-05-18
oval:org.opensuse.security:def:1668	P	Security update for libslirp (Important)	2022-05-18
oval:org.opensuse.security:def:459	P	Security update for libslirp (Important)	2022-04-29
oval:org.opensuse.security:def:42374	P	Security update for libslirp (Important)	2022-04-29
oval:org.opensuse.security:def:1660	P	Security update for libslirp (Important)	2022-04-29
oval:org.opensuse.security:def:42274	P	Security update for libslirp (Important)	2022-04-29
oval:org.opensuse.security:def:102236	P	Security update for libslirp (Important)	2022-04-29
oval:org.opensuse.security:def:1659	P	Security update for libslirp (Low)	2022-04-24
oval:org.opensuse.security:def:102235	P	Security update for libslirp (Low)	2022-04-24
oval:org.opensuse.security:def:99708	P	(Important)	2021-12-22
oval:org.opensuse.security:def:41886	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:46316	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:100017	P	(Important)	2021-11-16
oval:com.redhat.rhsa:def:20214191	P	RHSA-2021:4191: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate)	2021-11-09
oval:org.opensuse.security:def:93109	P	(Moderate)	2021-10-27
oval:org.opensuse.security:def:30136	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:55959	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:83343	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:29433	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:30256	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:55256	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:82640	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:56079	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:83463	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:84665	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:23666	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:58820	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:31265	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:86143	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:32181	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:87461	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:57088	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:84207	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:58004	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:51654	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:85729	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:31679	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:86645	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:32997	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:57502	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:59792	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:126765	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:33711	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:88501	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:89447	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:23964	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:59534	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:125597	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:127162	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:88185	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:33969	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:89189	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:34528	P	Security update for xen (Important)	2021-09-02
oval:org.opensuse.security:def:5104	P	Security update for xen (Important)	2021-09-02
oval:org.opensuse.security:def:60351	P	Security update for xen (Important)	2021-09-02
oval:org.opensuse.security:def:26117	P	Security update for xen (Important)	2021-09-02
oval:org.opensuse.security:def:111033	P	Security update for qemu (Important)	2021-08-26
oval:org.opensuse.security:def:93262	P	(Moderate)	2021-08-23
oval:org.opensuse.security:def:101287	P	osc-0.172.0-3.26.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:38199	P	Security update for kvm (Important)	2021-08-06
oval:org.opensuse.security:def:44853	P	Security update for kvm (Important)	2021-08-06
oval:org.opensuse.security:def:40423	P	Security update for kvm (Important)	2021-08-06
oval:org.opensuse.security:def:41467	P	Security update for kvm (Important)	2021-08-03
oval:org.opensuse.security:def:45897	P	Security update for kvm (Important)	2021-08-03
oval:org.opensuse.security:def:9007	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:102051	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:99118	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:91973	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:67204	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:92758	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:69899	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:75947	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:5790	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:99310	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:92168	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:10310	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:92956	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:66879	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:9560	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:99509	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:92360	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:8812	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:108717	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:98923	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:70450	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:76272	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:9759	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:111646	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:92559	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:69700	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:57061	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:43492	P	Security update for kvm (Important)	2021-07-29
oval:org.opensuse.security:def:84185	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:57980	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:51626	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:85702	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:31659	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:86621	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:32970	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:39062	P	Security update for kvm (Important)	2021-07-29
oval:org.opensuse.security:def:57482	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:84644	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:23638	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:58793	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:31238	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:86123	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:32157	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:87434	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:33691	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:88477	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:89427	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:23943	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:59514	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:125576	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:127142	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:88163	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:33949	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:89169	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:59772	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:126745	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:75941	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:64551	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:109415	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:5784	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:118511	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:96059	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:107953	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:66873	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:102749	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:69067	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:108711	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:76268	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:42107	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:111642	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:73673	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:102045	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:117468	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:67200	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:10121	P	Security update for qemu (Important)	2021-07-23
oval:org.opensuse.security:def:9367	P	Security update for qemu (Important)	2021-07-23
oval:org.opensuse.security:def:8623	P	Security update for qemu (Important)	2021-07-23
oval:org.opensuse.security:def:70261	P	Security update for qemu (Important)	2021-07-23
oval:org.opensuse.security:def:69507	P	Security update for qemu (Important)	2021-07-23
oval:org.opensuse.security:def:34491	P	Security update for qemu (Important)	2021-07-22
oval:org.opensuse.security:def:60314	P	Security update for qemu (Important)	2021-07-22
oval:org.opensuse.security:def:83312	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:29401	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:30225	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:55224	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:82608	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:56048	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:83432	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:30105	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:55928	P	Security update for qemu (Moderate)	2021-07-21

BACK