Lucene search

K
redhatcveRedhat.comRH:CVE-2021-3592
HistoryJun 15, 2021 - 1:47 p.m.

CVE-2021-3592

2021-06-1513:47:02
redhat.com
access.redhat.com
33

0.0005 Low

EPSS

Percentile

16.8%

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the ‘bootp_t’ structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. The highest threat from this vulnerability is to data confidentiality.