The vulnerability of the tftp_input() function in the src/tftp.c component of the TCP-IP Libslirp emulator allows a hacker to gain access to confidential data.

The vulnerability of the tftpinput function in the src/tftp.c component of the TCP-IP Libslirp emulator relates to access to an uninitialized pointer. Exploiting this vulnerability could allow an attacker to gain access to confidential data...

SUSE SLES15 Security Update : libslirp (SUSE-SU-2022:1314-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1314-1 advisory. - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinp...

Information Disclosure

libslirp is vulnerable to information disclosure. An invalid pointer initialization in tftpinput function while processing a UDP packet that is smaller than the size of the tftpt structure leads to an out-of-bounds read access...

CVE-2021-3595

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftpinput function and could occur while processing a udp packet that is smaller than the size of the 'tftpt' structure. This issue may lead to out-of-bounds read access or...