Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-3611

Опубликовано: 11 мая 2022
Источник: debian
EPSS Низкий

Описание

A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
qemufixed1:7.0+dfsg-1package
qemuignoredbullseyepackage
qemunot-affectedbusterpackage
qemunot-affectedstretchpackage

Примечания

  • https://bugs.launchpad.net/qemu/+bug/1907497

  • https://gitlab.com/qemu-project/qemu/-/issues/542

  • Introduced by: https://git.qemu.org/?p=qemu.git;a=commit;h=a9d8ba2be58e067bdfbff830eb9ff438d8db7f10 (v5.0.0-rc0)

  • Proposed fix: https://lore.kernel.org/qemu-devel/20211218160912.1591633-1-philmd@redhat.com/

  • Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/79fa99831debc9782087e834382c577215f2f511 (v7.0.0-rc1)

EPSS

Процентиль: 3%
0.00017
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2021-3611

CVSS3: 6.5
ubuntu
около 3 лет назад

A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0.

redhat логотип

CVE-2021-3611

CVSS3: 3.8
redhat
больше 4 лет назад

A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0.

nvd логотип

CVE-2021-3611

CVSS3: 6.5
nvd
около 3 лет назад

A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0.

msrc логотип

CVE-2021-3611

CVSS3: 6.5
msrc
9 месяцев назад

Описание отсутствует

github логотип

GHSA-rj8x-cp5p-j26r

CVSS3: 6.5
github
около 3 лет назад

A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0.

EPSS

Процентиль: 3%
0.00017
Низкий