6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
qemu is vulnerable to null pointer dereference. The vulnerability exists due to an invalid pointer dereference in the function pci_write()
in hw/acpi/pcihp.c
allowing an attacker to crash the system.
access.redhat.com/errata/RHSA-2022:1759
access.redhat.com/errata/RHSA-2022:7967
access.redhat.com/security/cve/CVE-2021-4158
bugzilla.redhat.com/show_bug.cgi?id=2035002
gitlab.com/qemu-project/qemu/-/commit/9bd6565ccee68f72d5012e24646e12a1c662827e
gitlab.com/qemu-project/qemu/-/issues/770
security-tracker.debian.org/tracker/CVE-2021-4158
www.mail-archive.com/qemu-devel%40nongnu.org/msg857944.html
www.mail-archive.com/[email protected]/msg857944.html