CVE-2021-4206

CVSS v3.1

8.2

High

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions QEMU (affected versions not specified)

Description The issue is related to an integer overflow in the cursor alloc() function of the QEMU hardware emulator, specifically in the QXL display device emulation. This can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user can exploit this to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-131CWE-120CWE-190

Related Identifiers

ALSA-2022:5821

ALT-PU-2022-2009

ALT-PU-2022-3081

ALT-PU-2022-3390

ALT-PU-2023-1830

ALT-PU-2023-1869

AZL-35154

AZL-9618

BDU:2022-04641

CESA-2022_5821

CVE-2021-4206

DLA-3099-1

DSA-5133-1

OESA-2022-1662

OPENSUSE-SU-2022_2254-1

OPENSUSE-SU-2022_2260-1

OPENSUSE-SU-2022_3594-1

OPENSUSE-SU-2022_3768-1

OPENSUSE-SU-2024:12209-1

RHSA-2022:5002

RHSA-2022:5821

RHSA-2022_5821

RLSA-2022:5821

SUSE-SU-2022:2254-1

SUSE-SU-2022:2260-1

SUSE-SU-2022:3594-1

SUSE-SU-2022:3768-1

SUSE-SU-2022_2254-1

SUSE-SU-2022_2260-1

SUSE-SU-2023:0761-1

SUSE-SU-2023:2358-1

USN-5489-1

USN-8412-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Qemu

Red Hat

Rocky Linux

Suse

Ubuntu

CVE-2021-4206

Weakness Enumeration

Related Identifiers

Affected Products

References · 157