CVE-2021-3748

CVSS v3.1 7.5 (High)

CVSS v2.0 6.9 (Medium)

EPSS 0.04 % (15^th)

Affected Products 6

Advisories 24

A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process.

Weaknesses

CWE-416: Use After Free

Related CVEs

CVE-2022-26353

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2022-03-23 20:15:09
(2 years ago)
Updated Date: 2023-01-03 15:16:38
(20 months ago)

Affected Products

Redhat

Configuration #1

		CPE23	From	Up To
	Qemu from 0.10.0 version and prior 6.2.0 version	cpe:2.3:a:qemu:qemu	>= 0.10.0	< 6.2.0

Configuration #2

		CPE23	From	Up To
	Debian Linux 9.0	cpe:2.3:o:debian:debian_linux:9.0
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0

Configuration #3

		CPE23	From	Up To
	Canonical Ubuntu Linux 18.04	cpe:2.3:o:canonical:ubuntu_linux:18.04:::*:lts
	Canonical Ubuntu Linux 20.04	cpe:2.3:o:canonical:ubuntu_linux:20.04:::*:lts
	Canonical Ubuntu Linux 21.10	cpe:2.3:o:canonical:ubuntu_linux:21.10

Configuration #4

		CPE23	From	Up To
	Fedoraproject Fedora 34	cpe:2.3:o:fedoraproject:fedora:34

Configuration #5

		CPE23	From	Up To
	Redhat Enterprise Linux 8.0	cpe:2.3:o:redhat:enterprise_linux:8.0:::*:advanced_virtualization
	Redhat Enterprise Linux Advanced Virtualization Eus 8.4	cpe:2.3:o:redhat:enterprise_linux_advanced_virtualization_eus:8.4

Weaknesses

Related CVEs

Affected Products

Canonical

Debian

Fedoraproject

Qemu