Lucene search

K
cvelistRedhatCVELIST:CVE-2021-20295
HistoryApr 01, 2022 - 10:17 p.m.

CVE-2021-20295

2022-04-0122:17:46
CWE-125
redhat
www.cve.org
8
security update
virt:rhel
red hat enterprise linux 8.3
cve-2020-10756

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

30.3%

It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 (https://access.redhat.com/errata/RHSA-2020:4676) erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in virt:rhel/qemu-kvm via erratum RHSA-2020:4059 (https://access.redhat.com/errata/RHSA-2020:4059). CVE-2021-20295 was assigned to that Red Hat specific security regression. For more details about the original security issue CVE-2020-10756, refer to bug 1835986 or the CVE page: https://access.redhat.com/security/cve/CVE-2020-10756.

CNA Affected

[
  {
    "product": "QEMU",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "qemu-kvm 4.2.0-34"
      }
    ]
  }
]