PT-2021-7719 · Qemu+9 · Qemu+9

Alexander Bulekov

+1

·

Published

2021-04-19

·

Updated

2026-06-09

·

CVE-2021-3507

CVSS v3.1

6.1

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
Name of the Vulnerable Software and Affected Versions QEMU versions up to 6.0.0
Description A heap buffer overflow was found in the floppy disk emulator of QEMU. It could occur in fdctrl transfer handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host, resulting in a denial-of-service scenario, or potential information leakage from the host memory.
Recommendations For QEMU versions up to 6.0.0, as a temporary workaround, consider disabling the fdctrl transfer handler() function until a patch is available. Restrict access to the hw/block/fdc.c component to minimize the risk of exploitation. Avoid using the floppy disk emulator until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

ALSA-2022:7967
ALT-PU-2021-2713
ALT-PU-2021-3363
ALT-PU-2022-2009
ALT-PU-2022-3081
ALT-PU-2022-3390
ALT-PU-2023-1830
ALT-PU-2023-1869
BDU:2023-01705
CESA-2022_7472
CVE-2021-3507
DLA-3099-1
OESA-2022-1716
OPENSUSE-SU-2022_3768-1
RHSA-2022:7472
RHSA-2022:7967
RHSA-2022_7472
RHSA-2022_7967
RLSA-2022:7472
RLSA-2022:7967
SUSE-SU-2022:3768-1
SUSE-SU-2023:0761-1
SUSE-SU-2023:0840-1
SUSE-SU-2023:0878-1
SUSE-SU-2023:0879-1
SUSE-SU-2023:0879-2
SUSE-SU-2023_0878-1
USN-5489-1
USN-8412-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Qemu
Red Hat
Rocky Linux
Suse
Ubuntu