CVE-2021-3409

Description

The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of service or potential code execution. QEMU up to (including) 5.2.0 is affected by this.

Related CPE's

a qemu qemu ********

o redhat enterprise_linux 7.0 *******

o fedoraproject fedora 33 *******

References

https://www.openwall.com/lists/oss-security/2021/03/09/1

Mailing ListPatchThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1928146

Issue TrackingPatchThird Party Advisory

[debian-lts-announce] 20210410 [SECURITY] [DLA 2623-1] qemu security update

CvssV3 impact

BaseSeverity	MEDIUM
ConfidentialityImpact	LOW
AttackComplexity	LOW
Scope	CHANGED
AttackVector	LOCAL
AvailabilityImpact	LOW
IntegrityImpact	LOW
PrivilegesRequired	HIGH
BaseScore	5.7
VectorString	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
Version	3.1
UserInteraction	NONE

CvssV2 impact

AccessComplexity	LOW
ConfidentialityImpact	PARTIAL
AvailabilityImpact	PARTIAL
IntegrityImpact	PARTIAL
BaseScore	4.6
VectorString	AV:L/AC:L/Au:N/C:P/I:P/A:P
Version	2.0
AccessVector	LOCAL
Authentication	NONE