PT-2021-21134 · Acrn · Acrn
Published
2021-07-02
·
Updated
2021-07-08
·
CVE-2021-36144
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
ACRN versions prior to 2.5
Description:
The issue is related to a use-after-free condition in the polling timer handler for a freed virtio device, specifically in the devicemodel/hw/pci/virtio/*.c files.
Recommendations:
For versions prior to 2.5, update to version 2.5 or later to resolve the issue.
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acrn