CVE-2021-4158

Published: Aug 24, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.

Vendor	Product	Versions
n/a	QEMU	affected `Affects v6.0.0 and above.`

Weaknesses (CWE)

CWE-476

References

https://gitlab.com/qemu-project/qemu/-/issues/770

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=2035002

x_refsource_MISC

https://access.redhat.com/security/cve/CVE-2021-4158

x_refsource_MISC

https://www.mail-archive.com/qemu-devel%40nongnu.org/msg857944.html

x_refsource_MISC

https://gitlab.com/qemu-project/qemu/-/commit/9bd6565ccee68f72d5012e24646e12a1c662827e

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-4158

Description

Affected Products

Weaknesses (CWE)

References