PT-2021-7351 · Qemu+9 · Qemu+9

Marian Rehak

·

Published

2020-05-02

·

Updated

2026-06-09

·

CVE-2021-20221

CVSS v3.1

5.4

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
Name of the Vulnerable Software and Affected Versions QEMU versions up to and including 4.2.0
Description The issue is related to an out-of-bounds heap buffer access in the ARM Generic Interrupt Controller emulator of QEMU. This occurs because the interrupt ID written to the controller memory area is not masked to be 4 bits wide, potentially leading to issues when updating controller state fields and their subsequent processing. A privileged guest user may exploit this to crash the QEMU process on the host, resulting in a denial-of-service scenario.
Recommendations For QEMU versions up to and including 4.2.0, consider updating to a version where this issue is fixed, as the current version may allow a privileged guest user to crash the QEMU process, leading to a denial-of-service scenario. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

ALSA-2021:3061
ALT-PU-2020-1912
ALT-PU-2020-2431
ALT-PU-2021-1767
BDU:2022-05771
CESA-2021_3061
CVE-2021-20221
DLA-2560-1
DLA-3099-1
OESA-2021-1241
OPENSUSE-SU-2021:0363-1
OPENSUSE-SU-2021_0363-1
OPENSUSE-SU-2024:11287-1
RHSA-2021:1125
RHSA-2021:2521
RHSA-2021:3061
RHSA-2021_3061
RLSA-2021:3061
SUSE-SU-2021:0521-1
SUSE-SU-2021:1241-1
SUSE-SU-2021:1242-1
SUSE-SU-2021:1244-1
SUSE-SU-2021:1245-1
SUSE-SU-2021:14772-1
SUSE-SU-2021:14774-1
SUSE-SU-2021:1829-1
SUSE-SU-2021:1894-1
SUSE-SU-2021_14772-1
USN-5010-1
USN-8412-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Qemu
Red Hat
Rocky Linux
Suse
Ubuntu