Showing 1 - 3 of 3

CVE-2021-20221

Status Candidate

Overview

An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

Related Files

Red Hat Security Advisory 2021-3061-01: Posted Aug 10, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-3061-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, denial of service, and out of bounds access vulnerabilities.; tags | advisory, denial of service, overflow, kernel, vulnerability; systems | linux, redhat; advisories | CVE-2020-13754, CVE-2020-27617, CVE-2021-20221, CVE-2021-3416, CVE-2021-3504; SHA-256 | 66e0a1ac543249bbe6d765192ae964d7bdf8592d935524bd9c4a35ee66ca180c; Download | Favorite | View

Ubuntu Security Notice USN-5010-1: Posted Jul 15, 2021; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5010-1 - Lei Sun discovered that QEMU incorrectly handled certain MMIO operations. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. Wenxiang Qian discovered that QEMU incorrectly handled certain ATAPI commands. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 21.04. Various other issues were also addressed.; tags | advisory, denial of service; systems | linux, ubuntu; advisories | CVE-2020-15469, CVE-2020-29443, CVE-2020-35505, CVE-2020-35517, CVE-2021-20221, CVE-2021-20257, CVE-2021-3392, CVE-2021-3409, CVE-2021-3416, CVE-2021-3527, CVE-2021-3544, CVE-2021-3545, CVE-2021-3546, CVE-2021-3593, CVE-2021-3594, CVE-2021-3595, CVE-2021-3608; SHA-256 | c4d63dc41ceb7caa0f49a3eacc4d8caaa17252efd4913df4a83ba610c5446f40; Download | Favorite | View

Red Hat Security Advisory 2021-1125-01: Posted Apr 7, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-1125-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.; tags | advisory; systems | linux, redhat; advisories | CVE-2021-20221; SHA-256 | 5a2b602bddb1c9f5cc58521ec0aaf557cb5877a7c6055dff7bc3cacdf3ce1fa3; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 272 files
Ubuntu 56 files
Debian 19 files
LiquidWorm 18 files
Apple 9 files
Gentoo 5 files
Google Security Research 3 files
Chokri Hammedi 3 files
Alter Prime 3 files
Valentin Lobstein 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,937)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,979)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

CVE-2021-20221

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems