Vulnerability CVE-2021-3595

Vulnerability Name:

CVE-2021-3595 (CCN-203750)

Assigned:

2021-06-10

Published:

2021-06-10

Updated:

2023-03-15

Summary:

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.

CVSS v3 Severity:

3.8 Low (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N)
3.3 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

3.8 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N)
3.3 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

3.8 Low (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N)
3.3 Low (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

1.7 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-824

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2021-3595

Source: CCN
Type: Red Hat Bugzilla Bug 1970489
(CVE-2021-3595) - CVE-2021-3595 QEMU: slirp: invalid pointer initialization may lead to information disclosure (tftp)

Source: secalert@redhat.com
Type: Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com

Source: XF
Type: UNKNOWN
qemu-cve20213595-info-disc(203750)

Source: CCN
Type: libslirp GIT Repository
Add mtod_check()

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration CCN 1:

cpe:/a:qemu:qemu:-:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7978	P	texlive-12many-2021.189.0.0.3svn15878-150400.18.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7666	P	libslirp-devel-4.7.0+44-150500.2.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:51952	P	Security update for libX11 (Moderate)	2022-11-15
oval:org.opensuse.security:def:51931	P	Security update for expat (Important)	2022-10-01
oval:org.opensuse.security:def:6115	P	Security update for openvswitch (Moderate) (in QA)	2022-08-24
oval:org.opensuse.security:def:6111	P	Security update for icu (Moderate) (in QA)	2022-08-22
oval:org.opensuse.security:def:95338	P	Security update for git (Important)	2022-07-26
oval:org.opensuse.security:def:3498	P	ghostscript-9.27-23.28.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3755	P	powerpc-utils-1.3.7-5.6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3462	P	ctags-5.8-7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:95128	P	libslirp-devel-4.3.1-150300.2.7.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94574	P	gssproxy-0.8.2-3.9.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95332	P	Security update for dpkg (Low) (in QA)	2022-05-27
oval:org.opensuse.security:def:42288	P	Security update for libslirp (Important)	2022-05-18
oval:org.opensuse.security:def:95388	P	Security update for libslirp (Important)	2022-05-18
oval:org.opensuse.security:def:489	P	Security update for libslirp (Important)	2022-05-18
oval:org.opensuse.security:def:42387	P	Security update for libslirp (Important)	2022-05-18
oval:org.opensuse.security:def:1668	P	Security update for libslirp (Important)	2022-05-18
oval:org.opensuse.security:def:459	P	Security update for libslirp (Important)	2022-04-29
oval:org.opensuse.security:def:42374	P	Security update for libslirp (Important)	2022-04-29
oval:org.opensuse.security:def:1660	P	Security update for libslirp (Important)	2022-04-29
oval:org.opensuse.security:def:42274	P	Security update for libslirp (Important)	2022-04-29
oval:org.opensuse.security:def:102236	P	Security update for libslirp (Important)	2022-04-29
oval:org.opensuse.security:def:1659	P	Security update for libslirp (Low)	2022-04-24
oval:org.opensuse.security:def:102235	P	Security update for libslirp (Low)	2022-04-24
oval:org.opensuse.security:def:99708	P	(Important)	2021-12-22
oval:org.opensuse.security:def:46316	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:41886	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:100017	P	(Important)	2021-11-16
oval:com.redhat.rhsa:def:20214191	P	RHSA-2021:4191: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate)	2021-11-09
oval:org.opensuse.security:def:93109	P	(Moderate)	2021-10-27
oval:org.opensuse.security:def:55959	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:29433	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:83343	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:30256	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:55256	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:82640	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:56079	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:30136	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:83463	P	Security update for xen (Moderate)	2021-10-07
oval:org.opensuse.security:def:31265	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:84665	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:58820	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:32181	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:86143	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:87461	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:57088	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:84207	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:58004	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:31679	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:51654	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:85729	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:32997	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:86645	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:23666	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:57502	P	Security update for xen (Important)	2021-09-06
oval:org.opensuse.security:def:59792	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:33711	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:126765	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:88501	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:23964	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:89447	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:59534	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:125597	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:33969	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:127162	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:88185	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:89189	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:34528	P	Security update for xen (Important)	2021-09-02
oval:org.opensuse.security:def:5104	P	Security update for xen (Important)	2021-09-02
oval:org.opensuse.security:def:26117	P	Security update for xen (Important)	2021-09-02
oval:org.opensuse.security:def:60351	P	Security update for xen (Important)	2021-09-02
oval:org.opensuse.security:def:111033	P	Security update for qemu (Important)	2021-08-26
oval:org.opensuse.security:def:93262	P	(Moderate)	2021-08-23
oval:org.opensuse.security:def:101287	P	osc-0.172.0-3.26.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:69700	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:102051	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:99118	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:91973	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:75947	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:67204	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:5790	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:92758	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:69899	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:10310	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:99310	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:92168	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:9560	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:92956	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:66879	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:8812	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:99509	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:92360	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:76272	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:9759	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:108717	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:98923	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:70450	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:9007	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:111646	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:92559	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:87434	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:57061	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:84185	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:57980	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:31659	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:51626	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:85702	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:32970	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:86621	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:23638	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:57482	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:31238	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:84644	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:58793	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:32157	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:86123	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:88477	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:23943	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:89427	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:59514	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:125576	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:33949	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:127142	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:88163	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:89169	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:59772	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:33691	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:126745	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:64551	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:109415	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:118511	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:107953	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:96059	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:66873	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:102749	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:76268	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:69067	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:108711	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:73673	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:42107	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:111642	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:102045	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:117468	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:75941	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:67200	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:5784	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:10121	P	Security update for qemu (Important)	2021-07-23
oval:org.opensuse.security:def:9367	P	Security update for qemu (Important)	2021-07-23
oval:org.opensuse.security:def:8623	P	Security update for qemu (Important)	2021-07-23
oval:org.opensuse.security:def:70261	P	Security update for qemu (Important)	2021-07-23
oval:org.opensuse.security:def:69507	P	Security update for qemu (Important)	2021-07-23
oval:org.opensuse.security:def:34491	P	Security update for qemu (Important)	2021-07-22
oval:org.opensuse.security:def:60314	P	Security update for qemu (Important)	2021-07-22
oval:org.opensuse.security:def:29401	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:83312	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:30225	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:55224	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:82608	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:56048	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:30105	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:83432	P	Security update for qemu (Moderate)	2021-07-21
oval:org.opensuse.security:def:55928	P	Security update for qemu (Moderate)	2021-07-21

BACK