Lucene search

K
nvd[email protected]NVD:CVE-2021-3748
HistoryMar 23, 2022 - 8:15 p.m.

CVE-2021-3748

2022-03-2320:15:09
CWE-416
web.nvd.nist.gov
6
qemu
virtio-net
use-after-free
vulnerability
denial of service
privilege escalation

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

EPSS

0

Percentile

14.2%

A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor’s address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process.

Affected configurations

Nvd
Node
qemuqemuRange0.10.06.2.0
Node
debiandebian_linuxMatch9.0
OR
debiandebian_linuxMatch10.0
Node
canonicalubuntu_linuxMatch18.04lts
OR
canonicalubuntu_linuxMatch20.04lts
OR
canonicalubuntu_linuxMatch21.10
Node
fedoraprojectfedoraMatch34
Node
redhatenterprise_linuxMatch8.0advanced_virtualization
OR
redhatenterprise_linux_advanced_virtualization_eusMatch8.4
VendorProductVersionCPE
qemuqemu*cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
debiandebian_linux9.0cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
debiandebian_linux10.0cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
canonicalubuntu_linux18.04cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
canonicalubuntu_linux20.04cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
canonicalubuntu_linux21.10cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*
fedoraprojectfedora34cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
redhatenterprise_linux8.0cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*
redhatenterprise_linux_advanced_virtualization_eus8.4cpe:2.3:o:redhat:enterprise_linux_advanced_virtualization_eus:8.4:*:*:*:*:*:*:*

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

EPSS

0

Percentile

14.2%