PT-2021-7362 · Qemu+5 · Qemu+5

Pedro Sampaio

Published

2018-08-16

Updated

2024-06-15

CVE-2021-3582

CVSS v3.1

6.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions QEMU (affected versions not specified)

Description A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. The issue occurs while handling a "PVRDMA CMD CREATE MR" command due to improper memory remapping (mremap). This flaw allows a malicious guest to crash the QEMU process on the host. The highest threat from this vulnerability is to system availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2018-2161

ALT-PU-2021-2713

ALT-PU-2021-3363

BDU:2022-05783

CVE-2021-3582

DLA-3099-1

OPENSUSE-SU-2021:1202-1

OPENSUSE-SU-2021:2442-1

OPENSUSE-SU-2021:2474-1

OPENSUSE-SU-2021:2591-1

OPENSUSE-SU-2021_1202-1

OPENSUSE-SU-2021_2442-1

OPENSUSE-SU-2021_2474-1

OPENSUSE-SU-2021_2591-1

OPENSUSE-SU-2024:11287-1

SUSE-SU-2021:2442-1

SUSE-SU-2021:2448-1

SUSE-SU-2021:2474-1

SUSE-SU-2021:2591-1

SUSE-SU-2021_2442-1

SUSE-SU-2021_2448-1

SUSE-SU-2021_2474-1

USN-5010-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Qemu

Suse

Ubuntu

PT-2021-7362 · Qemu+5 · Qemu+5

CVE-2021-3582

Weakness Enumeration

Related Identifiers

Affected Products

References · 223