libslirp_project libslirp 使用未经初始化的指针

admin

0
文章

0
评论

2023-12-01 14:04:39 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

中危 libslirp_project libslirp 使用未经初始化的指针

CVE编号

CVE-2021-3594

利用情况

暂无

补丁情况

官方补丁

披露时间

2021-06-16

漏洞描述

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
https://bugzilla.redhat.com/show_bug.cgi?id=1970491
https://lists.debian.org/debian-lts-announce/2021/09/msg00000.html
https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora...
https://security.gentoo.org/glsa/202107-44
https://security.netapp.com/advisory/ntap-20210805-0004/

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	libslirp_project	libslirp	*		Up to (excluding) 4.6.0
	运行在以下环境
	系统	alpine_3.14	libslirp	*		Up to (excluding) 4.6.0-r0
	运行在以下环境
	系统	alpine_3.15	libslirp	*		Up to (excluding) 4.6.0-r0
	运行在以下环境
	系统	alpine_3.16	libslirp	*		Up to (excluding) 4.6.0-r0
	运行在以下环境
	系统	alpine_3.17	libslirp	*		Up to (excluding) 4.6.0-r0
	运行在以下环境
	系统	alpine_3.18	libslirp	*		Up to (excluding) 4.6.0-r0
	运行在以下环境
	系统	alpine_edge	libslirp	*		Up to (excluding) 4.6.0-r0
	运行在以下环境
	系统	amazon_2	apr	*		Up to (excluding) 3.1.0-8.amzn2.0.12
	运行在以下环境
	系统	amazon_2023	apr	*		Up to (excluding) 1.7.2-2.amzn2023.0.2
	运行在以下环境
	系统	centos_8	glibc-langpack-sw	*		Up to (excluding) 2.28-164.el8
	运行在以下环境
	系统	debian_10	qemu	*		Up to (excluding) 1:3.1+dfsg-8+deb10u10
	运行在以下环境
	系统	debian_11	libslirp	*		Up to (excluding) 4.4.0-1+deb11u2
	运行在以下环境
	系统	debian_12	libslirp	*		Up to (excluding) 4.6.1-1
	运行在以下环境
	系统	debian_9	qemu	*		Up to (excluding) 1:2.8+dfsg-6+deb9u15
	运行在以下环境
	系统	debian_sid	libslirp	*		Up to (excluding) 4.6.1-1
	运行在以下环境
	系统	fedora_33	libslirp	*		Up to (excluding) 2.32-10.fc33
	运行在以下环境
	系统	fedora_34	libslirp	*		Up to (excluding) 2.33-20.fc34
	运行在以下环境
	系统	kylinos_aarch64_V10SP1	glibc	*		Up to (excluding) 2.28-36.p06.ky10
	运行在以下环境
	系统	kylinos_aarch64_V10SP2	glibc	*		Up to (excluding) 2.28-49.p07.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10SP1	glibc	*		Up to (excluding) 2.28-36.p06.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10SP2	glibc	*		Up to (excluding) 2.28-49.p07.ky10
	运行在以下环境
	系统	opensuse_Leap_15.2	glibc-utils	*		Up to (excluding) 4.2.1-lp152.9.20.1
	运行在以下环境
	系统	opensuse_Leap_15.3	qemu-s390	*		Up to (excluding) 2.31-9.3.2
	运行在以下环境
	系统	opensuse_Leap_15.4	libslirp0	*		Up to (excluding) 4.3.1-150300.6.2
	运行在以下环境
	系统	oracle_7	oraclelinux-release	*		Up to (excluding) 4.2.1-13.el7
	运行在以下环境
	系统	oracle_8	libvirt-daemon-driver-storage-gluster	*		Up to (excluding) 2.28-164.0.1.ksplice1.el8
	运行在以下环境
	系统	redhat_8	glibc-langpack-sw	*		Up to (excluding) 2.28-164.el8
	运行在以下环境
	系统	suse_12_SP5	xen	*		Up to (excluding) 3.1.1.1-54.1
	运行在以下环境
	系统	ubuntu_18.04	qemu	*		Up to (excluding) 1:2.11+dfsg-1ubuntu7.37
	运行在以下环境
	系统	ubuntu_18.04.5_lts	qemu	*		Up to (excluding) 1:2.11+dfsg-1ubuntu7.37
	运行在以下环境
	系统	ubuntu_20.04	libslirp	*		Up to (excluding) 4.1.0-2ubuntu2.2
	运行在以下环境
系统	ubuntu_21.04	libslirp	*		Up to (excluding) 4.4.0-1ubuntu0.1
运行在以下环境
系统	ubuntu_21.10	libslirp	*		Up to (excluding) 4.4.0-1ubuntu0.21.10.1
运行在以下环境
系统	ubuntu_22.04	libslirp	*		Up to (excluding) 4.6.1-1
运行在以下环境
系统	ubuntu_22.10	libslirp	*		Up to (excluding) 4.6.1-1