Lucene search
RedhatCVELIST:CVE-2021-3750HistoryMay 02, 2022 - 6:48 p.m.
CVE-2021-3750
2022-05-0218:48:12
CWE-416
redhat
www.cve.org
1
A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller’s registers and trigger undesirable actions (such as reset) while the device is still transferring packets. This can ultimately lead to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code within the context of the QEMU process on the host. This flaw affects QEMU versions before 7.0.0.
CNA Affected
[
{
"product": "QEMU",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "QEMU before version 7.0.0"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2022-05-02 19:15:00
Design/Logic Flaw
2022-08-25 20:15:00
Design/Logic Flaw
2023-09-13 17:15:00
cbl_mariner
cbl_mariner
CVE-2021-3750 affecting package qemu for versions less than 6.2.0-18
2024-03-19 17:21:46
CVE-2021-3750 affecting package qemu-kvm 4.2.0-39
2022-07-14 21:00:03
CVE-2021-3750 affecting package qemu for versions less than 6.2.0-16
2023-06-27 20:56:13
alpinelinux
alpinelinux
CVE-2021-3750
2022-05-02 19:15:00
cnvd
cnvd
QEMU Resource Management Error Vulnerability (CNVD-2022-84160)
2022-05-07 00:00:00
veracode
veracode
Use-After-Free
2022-07-09 23:07:28
openvas
openvas
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-2120)
2022-07-14 00:00:00
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-2100)
2022-07-14 00:00:00
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-2194)
2022-08-01 00:00:00
redhatcve
redhatcve
osv
osv
CVE-2021-3750
2022-05-02 19:15:08
CVE-2021-3929
2022-08-25 20:15:09
Moderate: qemu-kvm security, bug fix, and enhancement update
2023-11-07 00:00:00
debiancve
debiancve
ubuntucve
ubuntucve
nvd
nvd
nessus
nessus
EulerOS Virtualization 2.10.1 : qemu (EulerOS-SA-2022-2120)
2022-07-14 00:00:00
EulerOS Virtualization 2.10.0 : qemu (EulerOS-SA-2022-2100)
2022-07-15 00:00:00
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2024:0569)
2024-01-30 00:00:00
cve
cve
oraclelinux
oraclelinux
virt:ol and virt-devel:rhel security, bug fix, and enhancement update
2023-11-18 00:00:00
qemu-kvm security, bug fix, and enhancement update
2022-11-22 00:00:00
qemu-kvm security update
2024-06-03 00:00:00
cvelist
cvelist
CVE-2023-2680 Dma reentrancy issue (incomplete fix for cve-2021-3750)
2023-09-13 16:50:53
CVE-2021-3929
2022-08-25 19:36:36
redhat
redhat
almalinux
almalinux
Moderate: qemu-kvm security, bug fix, and enhancement update
2023-11-07 00:00:00
Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2023-11-14 00:00:00
Moderate: qemu-kvm security, bug fix, and enhancement update
2022-11-15 00:00:00
rocky
rocky
qemu-kvm security, bug fix, and enhancement update
2022-11-15 06:12:15
redos
redos
ROS-20240606-01
2024-06-06 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2022-12-12 00:00:00
gentoo
gentoo
QEMU: Multiple Vulnerabilities
2022-08-14 00:00:00