Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-3682

Опубликовано: 05 авг. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6
CVSS3: 8.5

Описание

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.

РелизСтатусПримечание
bionic

released

1:2.11+dfsg-1ubuntu7.39
devel

released

1:6.2+dfsg-2ubuntu5
esm-infra-legacy/trusty

not-affected

2.0.0+dfsg-2ubuntu1.47+esm2
esm-infra/bionic

not-affected

1:2.11+dfsg-1ubuntu7.39
esm-infra/focal

not-affected

1:4.2-3ubuntu6.21
esm-infra/xenial

released

1:2.5+dfsg-5ubuntu10.51+esm1
focal

released

1:4.2-3ubuntu6.21
hirsute

ignored

end of life
impish

released

1:6.0+dfsg-2expubuntu1.2
jammy

released

1:6.2+dfsg-2ubuntu5

Показывать по

Ссылки на источники

EPSS

Процентиль: 66%
0.0052
Низкий

6 Medium

CVSS2

8.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-3682

CVSS3: 8.5
redhat
около 4 лет назад

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.

nvd логотип

CVE-2021-3682

CVSS3: 8.5
nvd
около 4 лет назад

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.

msrc логотип

CVE-2021-3682

CVSS3: 8.5
msrc
больше 2 лет назад

Описание отсутствует

debian логотип

CVE-2021-3682

CVSS3: 8.5
debian
около 4 лет назад

A flaw was found in the USB redirector device emulation of QEMU in ver ...

github логотип

GHSA-2w4j-r5v6-3vgr

CVSS3: 8.5
github
около 3 лет назад

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.

EPSS

Процентиль: 66%
0.0052
Низкий

6 Medium

CVSS2

8.5 High

CVSS3