Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-3416

Опубликовано: 24 фев. 2021
Источник: redhat
CVSS3: 3.2
EPSS Низкий

Описание

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6qemu-kvmOut of support scope
Red Hat Enterprise Linux 7qemu-kvmFix deferred
Red Hat Enterprise Linux 7qemu-kvm-maNot affected
Red Hat Enterprise Linux 7qemu-kvm-rhevFix deferred
Red Hat Enterprise Linux 8 Advanced Virtualizationvirt:8.2/qemu-kvmWill not fix
Red Hat Enterprise Linux 8 Advanced Virtualizationvirt:8.3/qemu-kvmWill not fix
Red Hat Enterprise Linux 8 Advanced Virtualizationvirt:av/qemu-kvmAffected
Red Hat OpenStack Platform 10 (Newton)qemu-kvm-rhevOut of support scope
Red Hat OpenStack Platform 13 (Queens)qemu-kvm-rhevOut of support scope
Advanced Virtualization for RHEL 8.4.0.ZvirtFixedRHSA-2021:370330.09.2021

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-835
https://bugzilla.redhat.com/show_bug.cgi?id=1932827QEMU: net: Infinite loop in loopback mode may lead to stack overflow

EPSS

Процентиль: 0%
0.00002
Низкий

3.2 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-3416

CVSS3: 6
ubuntu
больше 4 лет назад

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.

nvd логотип

CVE-2021-3416

CVSS3: 6
nvd
больше 4 лет назад

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.

msrc логотип

CVE-2021-3416

CVSS3: 6
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2021-3416

CVSS3: 6
debian
больше 4 лет назад

A potential stack overflow via infinite loop issue was found in variou ...

github логотип

GHSA-g3hx-jv57-3ffr

CVSS3: 6
github
около 3 лет назад

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.

EPSS

Процентиль: 0%
0.00002
Низкий

3.2 Low

CVSS3