PT-2021-7314 · Qemu+3

Cornelius Aschermann +2 · Published 2021-03-09 · Updated 2025-01-28 · CVE-2021-20255

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

QEMU (affected versions not specified)

Description

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. The flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Infinite Loop

Uncontrolled Recursion

Weakness Enumeration

Related Identifiers

AZL-35149
AZL-6829
BDU:2022-05644
CVE-2021-20255
DLA-2623-1
OPENSUSE-SU-2021:1202-1
OPENSUSE-SU-2021:2789-1
OPENSUSE-SU-2021:2858-1
OPENSUSE-SU-2021:3614-1
OPENSUSE-SU-2021_1202-1
OPENSUSE-SU-2021_2789-1
OPENSUSE-SU-2021_2858-1
OPENSUSE-SU-2021_3614-1
ROSA-SA-2025-2641
SUSE-SU-2021:14848-1
SUSE-SU-2021:2789-1
SUSE-SU-2021:2813-1
SUSE-SU-2021:2858-1
SUSE-SU-2021:2924-1
SUSE-SU-2021:2955-1
SUSE-SU-2021:2957-1
SUSE-SU-2021:3322-1
SUSE-SU-2021:3575-1
SUSE-SU-2021:3613-1
SUSE-SU-2021:3614-1
SUSE-SU-2021:3635-1
SUSE-SU-2021_14848-1

Affected Products

Astra Linux
Debian
Qemu
Suse