PT-2022-2968 · Qemu+9 · Qemu+9

Pedro Sampaio

Published

2022-04-29

Updated

2026-06-09

CVE-2021-4207

CVSS v3.1

8.2

High

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions QEMU (affected versions not specified)

Description A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values cursor->header.width and cursor->header.height can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120CWE-362

Related Identifiers

ALSA-2022:5821

ALT-PU-2022-2009

ALT-PU-2022-3081

ALT-PU-2022-3390

ALT-PU-2023-1830

ALT-PU-2023-1869

AZL-35155

AZL-9619

BDU:2022-03597

CESA-2022_5821

CVE-2021-4207

DLA-3099-1

DSA-5133-1

OESA-2022-1662

OPENSUSE-SU-2022_2254-1

OPENSUSE-SU-2022_2260-1

OPENSUSE-SU-2022_3594-1

OPENSUSE-SU-2022_3768-1

OPENSUSE-SU-2024:12209-1

RHSA-2022:5002

RHSA-2022:5821

RHSA-2022_5821

RLSA-2022:5821

SUSE-SU-2022:2254-1

SUSE-SU-2022:2260-1

SUSE-SU-2022:3594-1

SUSE-SU-2022:3768-1

SUSE-SU-2023:2358-1

SUSE-SU-2023:3015-1

SUSE-SU-2023_3015-1

USN-5489-1

USN-8412-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Qemu

Red Hat

Rocky Linux

Suse

Ubuntu

PT-2022-2968 · Qemu+9 · Qemu+9

CVE-2021-4207

Weakness Enumeration

Related Identifiers

Affected Products

References · 150