Lucene search

[email protected]NVD:CVE-2021-3507

HistoryMay 06, 2021 - 4:15 p.m.

CVE-2021-3507

2021-05-0616:15:07

CWE-119

CWE-787

[email protected]

web.nvd.nist.gov

cve-2021-3507

qemu

buffer overflow

floppy disk emulator

dma read

dos

information leakage

guest user

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:N/A:P

CVSS3

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

EPSS

0.001

Percentile

29.0%

JSON

A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host resulting in DoS scenario, or potential information leakage from the host memory.

Affected configurations

Nvd

Node

qemuqemuRange≤6.0.0

Node

debiandebian_linuxMatch10.0

redhatenterprise_linuxMatch8.0-

redhatenterprise_linuxMatch8.0advanced_virtualization

VendorProductVersionCPE
qemuqemu*cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
debiandebian_linux10.0cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
redhatenterprise_linux8.0cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*
redhatenterprise_linux8.0cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*

Vendor	Product	Version	CPE
qemu	qemu	*	cpe:2.3:a:qemu:qemu::::::::
debian	debian_linux	10.0	cpe:2.3:o:debian:debian_linux:10.0:::::::*
redhat	enterprise_linux	8.0	cpe:2.3:o:redhat:enterprise_linux:8.0::::-:::
redhat	enterprise_linux	8.0	cpe:2.3:o:redhat:enterprise_linux:8.0::::advanced_virtualization:::