PT-2022-4747 · Qemu+10

Philippe Mathieu-Daudé · Published 2021-07-21 · Updated 2025-06-03 · CVE-2021-3611

CVSS v3.1: 6.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

QEMU versions prior to 7.0.0

Description

A stack overflow vulnerability was found in the Intel HD Audio device of QEMU, allowing a malicious guest to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability.

Recommendations

For QEMU versions prior to 7.0.0, update to version 7.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Intel HD Audio device to minimize the risk of exploitation.

Exploit

Fix

DoS

Memory Corruption

Buffer Overflow

Weakness Enumeration

Related Identifiers

ALSA-2022:7967
ALT-PU-2022-2009
ALT-PU-2022-3081
ALT-PU-2022-3390
ALT-PU-2023-1830
ALT-PU-2023-1869
AZL-35150
BDU:2022-05645
CVE-2021-3611
OESA-2022-1716
OPENSUSE-SU-2021:1202-1
OPENSUSE-SU-2021:2442-1
OPENSUSE-SU-2021:2474-1
OPENSUSE-SU-2021:2591-1
OPENSUSE-SU-2021_1202-1
OPENSUSE-SU-2021_2442-1
OPENSUSE-SU-2021_2474-1
OPENSUSE-SU-2021_2591-1
OPENSUSE-SU-2025_0432-1
RHSA-2022:7967
RHSA-2022_7967
RLSA-2022:7967
SUSE-SU-2021:2428-1
SUSE-SU-2021:2442-1
SUSE-SU-2021:2448-1
SUSE-SU-2021:2461-1
SUSE-SU-2021:2474-1
SUSE-SU-2021:2546-1
SUSE-SU-2021:2563-1
SUSE-SU-2021:2591-1
SUSE-SU-2025:0432-1
USN-6567-1
USN-6567-2

Affected Products

Alt Linux
Almalinux
Astra Linux
Debian
Linuxmint
Qemu
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu