Redhat Enterprise Linux Advanced Virtualization Eus vulnerabilities

CVE-2021-3748 [HIGH] CWE-416 CVE-2021-3748: A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the d A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute c

CVE-2021-3930 [MEDIUM] CWE-193 CVE-2021-3930: An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.