{"api_version":"1","generated_at":"2026-04-23T02:58:13+00:00","cve":"CVE-2021-3592","urls":{"html":"https://cve.report/CVE-2021-3592","api":"https://cve.report/api/cve/CVE-2021-3592.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-3592","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-3592"},"summary":{"title":"CVE-2021-3592","description":"An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2021-06-15 21:15:00","updated_at":"2023-11-07 03:38:00"},"problem_types":["CWE-824"],"metrics":[],"references":[{"url":"https://security.netapp.com/advisory/ntap-20210805-0004/","name":"https://security.netapp.com/advisory/ntap-20210805-0004/","refsource":"CONFIRM","tags":[],"title":"July 2021 QEMU Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.gentoo.org/glsa/202107-44","name":"GLSA-202107-44","refsource":"GENTOO","tags":[],"title":"libslirp: Multiple vulnerabilities (GLSA 202107-44) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html","name":"[debian-lts-announce] 20230314 [SECURITY] [DLA 3362-1] qemu security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3362-1] qemu security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/","name":"FEDORA-2021-7cd749f133","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 34 Update: libslirp-4.4.0-4.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00004.html","name":"[debian-lts-announce] 20210911 [SECURITY] [DLA 2753-2] qemu regression update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2753-2] qemu regression update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html","name":"[debian-lts-announce] 20210902 [SECURITY] [DLA 2753-1] qemu security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2753-1] qemu security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/","name":"FEDORA-2021-7cd749f133","refsource":"","tags":[],"title":"[SECURITY] Fedora 34 Update: libslirp-4.4.0-4.fc34 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/","name":"FEDORA-2021-71de23bedd","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 33 Update: libslirp-4.3.1-5.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/","name":"FEDORA-2021-71de23bedd","refsource":"","tags":[],"title":"[SECURITY] Fedora 33 Update: libslirp-4.3.1-5.fc33 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970484","name":"https://bugzilla.redhat.com/show_bug.cgi?id=1970484","refsource":"MISC","tags":[],"title":"1970484 – (CVE-2021-3592) CVE-2021-3592 QEMU: slirp: invalid pointer initialization may lead to information disclosure (bootp)","mime":"text/html","httpstatus":"200","archivestatus":"503"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-3592","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3592","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"3592","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"3592","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"33","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"3592","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"34","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"3592","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"libslirp_project","cpe5":"libslirp","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"3592","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"3592","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"advanced_virtualization","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-3592","qid":"159468","title":"Oracle Enterprise Linux Security Update for virt:ol and virt-devel:ol (ELSA-2021-4191)"},{"cve":"CVE-2021-3592","qid":"159582","title":"Oracle Enterprise Linux Security Update for qemu (ELSA-2021-9638)"},{"cve":"CVE-2021-3592","qid":"159672","title":"Oracle Enterprise Linux Security Update for kvm_utils (ELSA-2022-9172)"},{"cve":"CVE-2021-3592","qid":"178782","title":"Debian Security Update for qemu (DLA 2753-1)"},{"cve":"CVE-2021-3592","qid":"178793","title":"Debian Security Update for qemu (DLA 2753-2)"},{"cve":"CVE-2021-3592","qid":"179667","title":"Debian Security Update for qemulibslirp (CVE-2021-3592)"},{"cve":"CVE-2021-3592","qid":"181630","title":"Debian Security Update for qemu (DLA 3362-1)"},{"cve":"CVE-2021-3592","qid":"198431","title":"Ubuntu Security Notification for libslirp vulnerabilities (USN-5009-1)"},{"cve":"CVE-2021-3592","qid":"198432","title":"Ubuntu Security Notification for QEMU vulnerabilities (USN-5010-1)"},{"cve":"CVE-2021-3592","qid":"198552","title":"Ubuntu Security Notification for libslirp Vulnerabilities (USN-5009-2)"},{"cve":"CVE-2021-3592","qid":"239833","title":"Red Hat Update for virt:rhel and virt-devel:rhel security (RHSA-2021:4191)"},{"cve":"CVE-2021-3592","qid":"281684","title":"Fedora Security Update for libslirp (FEDORA-2021-71de23bedd)"},{"cve":"CVE-2021-3592","qid":"281685","title":"Fedora Security Update for libslirp (FEDORA-2021-7cd749f133)"},{"cve":"CVE-2021-3592","qid":"355691","title":"Amazon Linux Security Advisory for qemu : ALAS2-2023-2169"},{"cve":"CVE-2021-3592","qid":"377413","title":"Alibaba Cloud Linux Security Update for virt:rhel and virt-devel:rhel (ALINUX3-SA-2022:0119)"},{"cve":"CVE-2021-3592","qid":"501875","title":"Alpine Linux Security Update for libslirp"},{"cve":"CVE-2021-3592","qid":"671198","title":"EulerOS Security Update for qemu (EulerOS-SA-2022-1034)"},{"cve":"CVE-2021-3592","qid":"671203","title":"EulerOS Security Update for qemu (EulerOS-SA-2022-1014)"},{"cve":"CVE-2021-3592","qid":"710025","title":"Gentoo Linux libslirp Multiple vulnerabilities (GLSA 202107-44)"},{"cve":"CVE-2021-3592","qid":"750879","title":"SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:2448-1)"},{"cve":"CVE-2021-3592","qid":"750889","title":"SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:2461-1)"},{"cve":"CVE-2021-3592","qid":"750901","title":"OpenSUSE Security Update for qemu (openSUSE-SU-2021:2474-1)"},{"cve":"CVE-2021-3592","qid":"750903","title":"SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:2546-1)"},{"cve":"CVE-2021-3592","qid":"750904","title":"SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:2563-1)"},{"cve":"CVE-2021-3592","qid":"750910","title":"SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:2591-1)"},{"cve":"CVE-2021-3592","qid":"750912","title":"OpenSUSE Security Update for qemu (openSUSE-SU-2021:2591-1)"},{"cve":"CVE-2021-3592","qid":"751053","title":"OpenSUSE Security Update for qemu (openSUSE-SU-2021:1202-1)"},{"cve":"CVE-2021-3592","qid":"751083","title":"SUSE Enterprise Linux Security Update for xen (SUSE-SU-2021:2924-1)"},{"cve":"CVE-2021-3592","qid":"751087","title":"SUSE Enterprise Linux Security Update for xen (SUSE-SU-2021:2955-1)"},{"cve":"CVE-2021-3592","qid":"751103","title":"SUSE Enterprise Linux Security Update for xen (SUSE-SU-2021:2957-1)"},{"cve":"CVE-2021-3592","qid":"753171","title":"SUSE Enterprise Linux Security Update for libslirp (SUSE-SU-2022:1730-1)"},{"cve":"CVE-2021-3592","qid":"753263","title":"SUSE Enterprise Linux Security Update for libslirp (SUSE-SU-2022:1314-1)"},{"cve":"CVE-2021-3592","qid":"753399","title":"SUSE Enterprise Linux Security Update for libslirp (SUSE-SU-2022:1465-1)"},{"cve":"CVE-2021-3592","qid":"940172","title":"AlmaLinux Security Update for virt:rhel and virt-devel:rhel (ALSA-2021:4191)"},{"cve":"CVE-2021-3592","qid":"960274","title":"Rocky Linux Security Update for virt:rhel and virt-devel:rhel (RLSA-2021:4191)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2021-3592","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"QEMU","version":{"version_data":[{"version_value":"libslirp 4.6.0"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-824"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=1970484","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970484"},{"refsource":"FEDORA","name":"FEDORA-2021-71de23bedd","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCKWZWY64EHTOQMLVLTSZ4AA27EWRJMH/"},{"refsource":"FEDORA","name":"FEDORA-2021-7cd749f133","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGPQZFVJCFGDSISFXPCQTTBBD7QZLJKI/"},{"refsource":"GENTOO","name":"GLSA-202107-44","url":"https://security.gentoo.org/glsa/202107-44"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20210805-0004/","url":"https://security.netapp.com/advisory/ntap-20210805-0004/"},{"refsource":"MLIST","name":"[debian-lts-announce] 20210902 [SECURITY] [DLA 2753-1] qemu security update","url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html"},{"refsource":"MLIST","name":"[debian-lts-announce] 20210911 [SECURITY] [DLA 2753-2] qemu regression update","url":"https://lists.debian.org/debian-lts-announce/2021/09/msg00004.html"},{"refsource":"MLIST","name":"[debian-lts-announce] 20230314 [SECURITY] [DLA 3362-1] qemu security update","url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html"}]},"description":{"description_data":[{"lang":"eng","value":"An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0."}]}},"nvd":{"publishedDate":"2021-06-15 21:15:00","lastModifiedDate":"2023-11-07 03:38:00","problem_types":["CWE-824"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":3.8,"baseSeverity":"LOW"},"exploitabilityScore":2,"impactScore":1.4},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:libslirp_project:libslirp:*:*:*:*:*:*:*:*","versionEndExcluding":"4.6.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"3592","Ordinal":"210019","Title":"CVE-2021-3592","CVE":"CVE-2021-3592","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"3592","Ordinal":"1","NoteData":"An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"3592","Ordinal":"2","NoteData":"2021-06-15","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"3592","Ordinal":"3","NoteData":"2021-09-11","Type":"Other","Title":"Modified"}]}}}