Lucene search

K
redhatcveRedhat.comRH:CVE-2021-3595
HistoryJun 15, 2021 - 1:47 p.m.

CVE-2021-3595

2021-06-1513:47:09
redhat.com
access.redhat.com
33

0.0005 Low

EPSS

Percentile

15.8%

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the ‘tftp_t’ structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality.