Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-20255

Опубликовано: 09 мар. 2021
Источник: nvd
CVSS3: 5.5
CVSS2: 2.1
EPSS Низкий

Описание

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 38%
0.00167
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-835
CWE-674

Связанные уязвимости

ubuntu логотип

CVE-2021-20255

CVSS3: 5.5
ubuntu
почти 5 лет назад

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

redhat логотип

CVE-2021-20255

CVSS3: 3.2
redhat
почти 5 лет назад

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

msrc логотип

CVE-2021-20255

CVSS3: 5.5
msrc
почти 3 года назад

Описание отсутствует

debian логотип

CVE-2021-20255

CVSS3: 5.5
debian
почти 5 лет назад

A stack overflow via an infinite recursion vulnerability was found in ...

github логотип

GHSA-v6w7-gq3g-fwvm

CVSS3: 5.5
github
больше 3 лет назад

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

EPSS

Процентиль: 38%
0.00167
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-835
CWE-674