Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-20203

Опубликовано: 25 фев. 2021
Источник: debian

Описание

An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
qemufixed1:6.2+dfsg-1package
qemufixed1:5.2+dfsg-11+deb11u3bullseyepackage

Примечания

  • https://bugs.launchpad.net/qemu/+bug/1913873

  • https://gitlab.com/qemu-project/qemu/-/issues/308

  • https://bugs.launchpad.net/qemu/+bug/1890152

  • https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg07935.html

  • Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/d05dcd94aee88728facafb993c7280547eb4d645 (v6.2.0-rc3)

Связанные уязвимости

ubuntu логотип

CVE-2021-20203

CVSS3: 3.2
ubuntu
больше 4 лет назад

An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

redhat логотип

CVE-2021-20203

CVSS3: 3.2
redhat
больше 4 лет назад

An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

nvd логотип

CVE-2021-20203

CVSS3: 3.2
nvd
больше 4 лет назад

An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

msrc логотип

CVE-2021-20203

CVSS3: 3.2
msrc
больше 4 лет назад

Описание отсутствует

github логотип

GHSA-8gqc-j7wm-6g58

CVSS3: 3.2
github
около 3 лет назад

An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.