CVE-2021-3507

2021-04-19T19:26:29
ID RH:CVE-2021-3507
Type redhatcve
Reporter redhat.com
Modified 2021-08-04T08:20:56

Description

A heap buffer overflow was found in the floppy disk emulator of QEMU. It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host resulting in DoS scenario, or potential information leakage from the host memory.