CVE-2021-3638

Опубликовано: 03 мар. 2022

Источник: ubuntu

Приоритет: medium

CVSS2: 2.1

CVSS3: 6.5

Описание

An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.

Релиз	Статус	Примечание
bionic	not-affected	code not present
devel	not-affected	1:8.1.3+ds-1ubuntu1
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/bionic	not-affected	code not present
esm-infra/focal	not-affected	1:4.2-3ubuntu6.28
esm-infra/xenial	not-affected	code not present
focal	released	1:4.2-3ubuntu6.28
groovy	ignored	end of life
hirsute	ignored	end of life
impish	ignored	end of life

Показывать по

Ссылки на источники

2.1 Low

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2021-3638

CVSS3: 6

redhat

почти 4 года назад

CVE-2021-3638

CVSS3: 6.5

nvd

больше 3 лет назад

CVE-2021-3638

CVSS3: 6.5

msrc

больше 2 лет назад

Описание отсутствует

CVE-2021-3638

CVSS3: 6.5

debian

больше 3 лет назад

An out-of-bounds memory access flaw was found in the ATI VGA device em ...

GHSA-2r38-g5xg-3v7g

CVSS3: 6.5

github

больше 3 лет назад

2.1 Low

CVSS2

6.5 Medium

CVSS3

CVE-2021-3638

Описание

Пакет qemu

Ссылки на источники

Связанные уязвимости