An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.
https://bugzilla.redhat.com/show_bug.cgi?id=1970487
https://security.gentoo.org/glsa/202107-44
https://security.netapp.com/advisory/ntap-20210805-0004/
https://lists.debian.org/debian-lts-announce/2022/04/msg00002.html
Source: MITRE
Published: 2021-06-15
Updated: 2022-05-13
Type: CWE-824
Base Score: 2.1
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 3.9
Severity: LOW
Base Score: 3.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Impact Score: 1.4
Exploitability Score: 2
Severity: LOW