CVE-2021-3930

CWE-1939 documents8 sources
Severity
6.5MEDIUM
EPSS
0.1%
top 83.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
Qemu QemuDebian Debian LinuxRedhat Codeready Linux Builder+7 more
Timeline
PublishedFeb 18
Latest updateDec 12

Description

An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 2.0 | Impact: 4.0

Affected Packages6 packages

NVDqemu/qemu< 6.2.0
Debianqemu< 1:5.2+dfsg-11+deb11u3+3
CVEListV5qemuqemu-kvm 6.2.0-rc0
NVDredhat/openstack10, 13+1

Also affects: Debian Linux 10.0, 9.0, Enterprise Linux 8.0

Patches

Patch: bugzilla.redhat.comPatch: bugzilla.redhat.com

🔴Vulnerability Details

3
GHSA
GHSA-2v9g-p8fq-vvh2: An off-by-one error was found in the SCSI device emulation in QEMU2022-02-19
CVEList
CVE-2021-3930: An off-by-one error was found in the SCSI device emulation in QEMU2022-02-18
OSV
CVE-2021-3930: An off-by-one error was found in the SCSI device emulation in QEMU2022-02-18

📋Vendor Advisories

5
Ubuntu
QEMU vulnerabilities2022-12-12
Ubuntu
QEMU vulnerabilities2022-02-28
Microsoft
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A2022-02-08
Red Hat
QEMU: off-by-one error in mode_sense_page() in hw/scsi/scsi-disk.c2021-02-04
Debian
CVE-2021-3930: qemu - An off-by-one error was found in the SCSI device emulation in QEMU. It could occ...2021