QwikSec

Security Database

CVE

CWE

Training

CVE-2021-3748

Published: Mar 23, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process.

Vendor	Product	Versions
n/a	QEMU (virtio-net)	affected `Affects qemu v0.10.0 and above, Fixed In – v6.2.0-rc0 and above.`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=1998514

x_refsource_MISC

https://ubuntu.com/security/CVE-2021-3748

x_refsource_MISC

https://github.com/qemu/qemu/commit/bedd7e93d01961fcb16a97ae45d93acf357e11f6

x_refsource_MISC

https://lists.nongnu.org/archive/html/qemu-devel/2021-09/msg00388.html

x_refsource_MISC

[debian-lts-announce] 20220404 [SECURITY] [DLA 2970-1] qemu security update

mailing-list

x_refsource_MLIST

https://security.netapp.com/advisory/ntap-20220425-0004/

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

[debian-lts-announce] 20220905 [SECURITY] [DLA 3099-1] qemu security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.