CVE-2021-20181: Time-of-check Time-of-use (TOCTOU) Race Condition in Qemu

Severity
7.5 HIGH (NVD)
OSV 3.8
EPSS: 0.1% (top 82.92%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: May 13
Latest update: May 24

Description

A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as system availability.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Exploitability: 0.8 | Impact: 6.0

Affected Packages: 6 packages

debian: debian/qemu < qemu 1:5.2+dfsg-4 (bookworm)
Debian: qemu/qemu < 1:5.2+dfsg-4+3
Ubuntu: qemu/qemu < 1:2.5+dfsg-5ubuntu10.49+2
NVD: qemu/qemu 5.2.0
CVEListV5: qemu/qemu up to, including 5.2.0

Also affects: Debian Linux 10.0, 9.0

🔴 Vulnerability Details (3)

GHSA: GHSA-mq7v-47j3-rc24: A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5 (2022-05-24)
OSV: CVE-2021-20181: A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5 (2021-05-13)
OSV: qemu vulnerabilities (2021-02-08)

📋 Vendor Advisories (4)

Microsoft: A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error potentially escalating their (2021-05-11)
Ubuntu: QEMU vulnerabilities (2021-02-08)
Red Hat: qemu: 9pfs: TOCTOU privilege escalation vulnerability (2021-01-14)
Debian: CVE-2021-20181: qemu - A race condition flaw was found in the 9pfs server implementation of QEMU up to ... (2021)