CVE-2021-3392

Name of the Vulnerable Software and Affected Versions QEMU versions 2.10.0 through 5.2.0

Description A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error in the mptsas free request() function that does not dequeue the request object req from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service.

Recommendations For versions 2.10.0 through 5.2.0, consider disabling the mptsas free request() function as a temporary workaround until a patch is available. Restrict access to the MegaRAID emulator to minimize the risk of exploitation. Avoid using the req object in the affected SCSI I/O requests until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.