Lucene search

K
cvelistRedhatCVELIST:CVE-2021-20181
HistoryMay 13, 2021 - 3:24 p.m.

CVE-2021-20181

2021-05-1315:24:15
CWE-367
redhat
www.cve.org

7.5 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.9%

A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as system availability.

CNA Affected

[
  {
    "product": "qemu",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "up to, including 5.2.0"
      }
    ]
  }
]

7.5 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.9%