CVE-2021-3594

Summary

CVE	CVE-2021-3594
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2021-06-15 21:15:00 UTC
Updated	2023-11-07 03:38:00 UTC
Description	An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.

Risk And Classification

Problem Types: CWE-824

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	9.0	All	All	All
Operating System	Fedoraproject	Fedora	33	All	All	All
Operating System	Fedoraproject	Fedora	34	All	All	All
Application	Libslirp Project	Libslirp	All	All	All	All
Operating System	Redhat	Enterprise Linux	8.0	All	All	All
Operating System	Redhat	Enterprise Linux	8.0	All	All	All

References

Reference	Source	Link	Tags
1970491 – (CVE-2021-3594) CVE-2021-3594 QEMU: slirp: invalid pointer initialization may lead to information disclosure (udp)	MISC	bugzilla.redhat.com
July 2021 QEMU Vulnerabilities in NetApp Products \| NetApp Product Security	CONFIRM	security.netapp.com
libslirp: Multiple vulnerabilities (GLSA 202107-44) — Gentoo security	GENTOO	security.gentoo.org
[SECURITY] [DLA 3362-1] qemu security update	MLIST	lists.debian.org
[SECURITY] Fedora 34 Update: libslirp-4.4.0-4.fc34 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
[SECURITY] [DLA 2753-1] qemu security update	MLIST	lists.debian.org
[SECURITY] Fedora 34 Update: libslirp-4.4.0-4.fc34 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
[SECURITY] Fedora 33 Update: libslirp-4.3.1-5.fc33 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
[SECURITY] Fedora 33 Update: libslirp-4.3.1-5.fc33 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

159468 Oracle Enterprise Linux Security Update for virt:ol and virt-devel:ol (ELSA-2021-4191)
159582 Oracle Enterprise Linux Security Update for qemu (ELSA-2021-9638)
159672 Oracle Enterprise Linux Security Update for kvm_utils (ELSA-2022-9172)
178782 Debian Security Update for qemu (DLA 2753-1)
180284 Debian Security Update for qemulibslirp (CVE-2021-3594)
181630 Debian Security Update for qemu (DLA 3362-1)
198431 Ubuntu Security Notification for libslirp vulnerabilities (USN-5009-1)
198432 Ubuntu Security Notification for QEMU vulnerabilities (USN-5010-1)
198552 Ubuntu Security Notification for libslirp Vulnerabilities (USN-5009-2)
239833 Red Hat Update for virt:rhel and virt-devel:rhel security (RHSA-2021:4191)
281684 Fedora Security Update for libslirp (FEDORA-2021-71de23bedd)
281685 Fedora Security Update for libslirp (FEDORA-2021-7cd749f133)
355691 Amazon Linux Security Advisory for qemu : ALAS2-2023-2169
377413 Alibaba Cloud Linux Security Update for virt:rhel and virt-devel:rhel (ALINUX3-SA-2022:0119)
501875 Alpine Linux Security Update for libslirp
710025 Gentoo Linux libslirp Multiple vulnerabilities (GLSA 202107-44)
750879 SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:2448-1)
750889 SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:2461-1)
750901 OpenSUSE Security Update for qemu (openSUSE-SU-2021:2474-1)
750903 SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:2546-1)
750904 SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:2563-1)
750910 SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:2591-1)
750912 OpenSUSE Security Update for qemu (openSUSE-SU-2021:2591-1)
751053 OpenSUSE Security Update for qemu (openSUSE-SU-2021:1202-1)
751083 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2021:2924-1)
751087 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2021:2955-1)
751103 SUSE Enterprise Linux Security Update for xen (SUSE-SU-2021:2957-1)
753171 SUSE Enterprise Linux Security Update for libslirp (SUSE-SU-2022:1730-1)
753263 SUSE Enterprise Linux Security Update for libslirp (SUSE-SU-2022:1314-1)
753399 SUSE Enterprise Linux Security Update for libslirp (SUSE-SU-2022:1465-1)
940172 AlmaLinux Security Update for virt:rhel and virt-devel:rhel (ALSA-2021:4191)
960274 Rocky Linux Security Update for virt:rhel and virt-devel:rhel (RLSA-2021:4191)