Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-20196

Опубликовано: 26 мая 2021
Источник: debian
EPSS Низкий

Описание

A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
qemufixed1:6.2+dfsg-1package
qemufixed1:5.2+dfsg-11+deb11u3bullseyepackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=1919210

  • https://bugs.launchpad.net/qemu/+bug/1912780

  • https://gitlab.com/qemu-project/qemu/-/issues/338

  • https://lists.nongnu.org/archive/html/qemu-devel/2021-01/msg05986.html

  • Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/1ab95af033a419e7a64e2d58e67dd96b20af5233 (v6.2.0-rc4)

EPSS

Процентиль: 7%
0.00031
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2021-20196

CVSS3: 6.5
ubuntu
около 4 лет назад

A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

redhat логотип

CVE-2021-20196

CVSS3: 3.2
redhat
больше 4 лет назад

A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

nvd логотип

CVE-2021-20196

CVSS3: 6.5
nvd
около 4 лет назад

A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

suse-cvrf логотип

openSUSE-SU-2022:0177-1

suse-cvrf
больше 3 лет назад

Security update for qemu

suse-cvrf логотип

SUSE-SU-2022:0177-1

suse-cvrf
больше 3 лет назад

Security update for qemu

EPSS

Процентиль: 7%
0.00031
Низкий