CVE-2021-4207

Опубликовано: 29 апр. 2022

Источник: ubuntu

Приоритет: medium

CVSS2: 4.6

CVSS3: 8.2

Описание

A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values cursor->header.width and cursor->header.height can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.

Релиз	Статус	Примечание
bionic	released	1:2.11+dfsg-1ubuntu7.40
devel	released	1:6.2+dfsg-2ubuntu8
esm-infra-legacy/trusty	needs-triage
esm-infra/bionic	not-affected	1:2.11+dfsg-1ubuntu7.40
esm-infra/focal	not-affected	1:4.2-3ubuntu6.23
esm-infra/xenial	needs-triage
focal	released	1:4.2-3ubuntu6.23
impish	released	1:6.0+dfsg-2expubuntu1.3
jammy	released	1:6.2+dfsg-2ubuntu6.2
kinetic	released	1:6.2+dfsg-2ubuntu8

Показывать по

Ссылки на источники

4.6 Medium

CVSS2

8.2 High

CVSS3

Связанные уязвимости

CVE-2021-4207

CVSS3: 7.5

redhat

около 3 лет назад

A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.

CVE-2021-4207

CVSS3: 8.2

nvd

около 3 лет назад

CVE-2021-4207

CVSS3: 8.2

msrc

10 месяцев назад

Описание отсутствует

CVE-2021-4207

CVSS3: 8.2

debian

около 3 лет назад

A flaw was found in the QXL display device emulation in QEMU. A double ...

GHSA-9p8r-v33g-4939

CVSS3: 8.8

github

около 3 лет назад

4.6 Medium

CVSS2

8.2 High

CVSS3

CVE-2021-4207

Описание

Пакет qemu

Ссылки на источники

Связанные уязвимости