How severe is CVE-2021-3608?

CVE-2021-3608 has a CVSS v3 score of 6 (MEDIUM).

CVE-2021-3608

6.0MEDIUM

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest and may result i

Publicado: 2/24/2022Atualizado: 11/21/2024

Descrição

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest and may result in a crash of QEMU or cause undefined behavior due to the access of an uninitialized pointer. The highest threat from this vulnerability is to system availability.

Análise IADesenvolvido por IA

Produtos Afetados

qemuqemu

debiandebian_linux

10.0

fedoraprojectfedora

Referências

https://bugzilla.redhat.com/show_bug.cgi?id=1973383
Issue TrackingThird Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html
Mailing ListThird Party Advisory
https://lists.gnu.org/archive/html/qemu-devel/2021-06/msg07926.html
Mailing ListPatchThird Party Advisory
https://security.gentoo.org/glsa/202208-27
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220318-0002/
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1973383
Issue TrackingThird Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html
Mailing ListThird Party Advisory
https://lists.gnu.org/archive/html/qemu-devel/2021-06/msg07926.html
Mailing ListPatchThird Party Advisory
https://security.gentoo.org/glsa/202208-27
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220318-0002/
Third Party Advisory