PT-2021-5461 · Qemu+5
Mauro Matteo Cascella · Published 2021-08-17 · Updated 2024-06-15 · CVE-2021-3713
CVSS v3.1: 7.4 (High)
Vector: AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
QEMU versions prior to 6.2.0-rc0
Description
The issue is in the UAS (USB Attached SCSI) device emulation of QEMU, which does not validate the stream number. The device uses the guest-supplied stream number unchecked, which can lead to out-of-bounds access to the UASDevice->data3 and UASDevice->status3 fields. A malicious guest user could use this flaw to crash QEMU or potentially achieve code execution with the privileges of the QEMU process on the host. This allows an attacker to access confidential data, compromise its integrity, and potentially cause a denial of service.
Recommendations
For QEMU versions prior to 6.2.0-rc0, update to version 6.2.0-rc0 or later to resolve the issue. As a temporary workaround, consider restricting access to the UAS device emulation to minimize the risk of exploitation. Avoid using the stream number variable in the affected UAS device emulation until the issue is resolved.
Exploit
Fix
Memory Corruption
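A minimal C model of the unchecked stream index from the Description, next to the bounds check that closes it. This is an added example, not QEMU source or the upstream patch; the struct layout, MODEL_MAX_STREAMS and every model_* / queue_* / run_model name are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model, not QEMU source. Names and the array size are assumptions. */
#define MODEL_MAX_STREAMS 16

struct model_packet {
    uint32_t stream;     /* chosen by the guest */
    int      is_status;  /* 1: status pipe, 0: data pipe */
};

struct model_uas_dev {
    struct model_packet *data3[MODEL_MAX_STREAMS + 1];
    struct model_packet *status3[MODEL_MAX_STREAMS + 1];
    uintptr_t            neighbour; /* stands in for whatever follows the arrays */
};

/* Unchecked pattern from the description: the guest value is used directly as
 * the index, so any stream > MODEL_MAX_STREAMS lands outside the array. */
int queue_unchecked(struct model_uas_dev *d, struct model_packet *p)
{
    if (p->is_status) d->status3[p->stream] = p;
    else              d->data3[p->stream] = p;
    return 0;
}

/* Hardened pattern: reject the request before the index is ever used. */
int queue_checked(struct model_uas_dev *d, struct model_packet *p)
{
    if (p->stream > MODEL_MAX_STREAMS)
        return -1;               /* caller would fail the transfer */
    return queue_unchecked(d, p);
}

/* Queue one packet on a fresh device through the checked path; returns the
 * handler's result, or -2 if memory next to the arrays was modified. */
int run_model(uint32_t stream, int is_status)
{
    struct model_uas_dev d = {0};
    struct model_packet p = { stream, is_status };
    int rc = queue_checked(&d, &p);
    return d.neighbour != 0 ? -2 : rc;
}

int main(void)
{
    printf("stream 16 -> %d\n", run_model(MODEL_MAX_STREAMS, 0));
    printf("stream 17 -> %d\n", run_model(MODEL_MAX_STREAMS + 1, 1));
    printf("stream 0xffffffff -> %d\n", run_model(UINT32_MAX, 0));
    return 0;
}
```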
Affected Products
Alt Linux
Astra Linux
Linuxmint
Qemu
Suse
Ubuntu