Lucene search

K
cvelistRedhatCVELIST:CVE-2021-3416
HistoryMar 18, 2021 - 7:53 p.m.

CVE-2021-3416

2021-03-1819:53:29
CWE-835
redhat
www.cve.org

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.0%

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.

CNA Affected

[
  {
    "product": "QEMU",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "versions up to and including 5.2.0"
      }
    ]
  }
]