7.4 High
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
Feb. 24, 2022 Alexey Shabalin
- 6.1.1
- Fixes for the following security vulnerabilities:
+ CVE-2021-3713 uas: add stream number sanity checks
+ CVE-2021-3947 hw/nvme: fix buffer overrun in nvme_changed_nslist
+ CVE-2021-20196 hw/block/fdc: Kludge missing floppy drive
+ CVE-2021-20203 net: vmxnet3: validate configuration values during activate
+ CVE-2021-4158 acpi: validate hotplug selector on access
+ CVE-2022-0358 virtiofsd: Drop membership of all supplementary groups
+ CVE-2021-3929 hw/nvme: fix
- 9pfs: Fix segfault in do_readdir_many caused by struct dirent overread
7.4 High
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P