CVE-2021-3638

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-3638

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3638.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-3638

Related

Published

2022-03-03T23:15:08Z

Modified

2024-09-18T03:17:21.739445Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati2dblt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.

References

Affected packages

Debian:11 / qemu

Package

Name: qemu
Purl: pkg:deb/debian/qemu?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:5.2+dfsg-11+deb11u1

Affected versions

1:5.*

1:5.2+dfsg-11

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / qemu

Package

Name: qemu
Purl: pkg:deb/debian/qemu?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:6.1+dfsg-6

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / qemu

Package

Name: qemu
Purl: pkg:deb/debian/qemu?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:6.1+dfsg-6

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/qemu/qemu

Affected ranges

Type: GIT
Repo: https://github.com/qemu/qemu
Events: Introduced

131b9a05705636086699df15d4a6d328bb2585e8

Last affected

f9baca549e44791be0dd98de15add3d8452a8af0

Affected versions

v4.*

v4.0.0

v4.1.0

v4.1.0-rc0

v4.1.0-rc1

v4.1.0-rc2

v4.1.0-rc3

v4.1.0-rc4

v4.1.0-rc5

v4.2.0

v4.2.0-rc0

v4.2.0-rc1

v4.2.0-rc2

v4.2.0-rc3

v4.2.0-rc4

v4.2.0-rc5

v5.*

v5.0.0

v5.0.0-rc0

v5.0.0-rc1

v5.0.0-rc2

v5.0.0-rc3

v5.0.0-rc4

v5.1.0

v5.1.0-rc0

v5.1.0-rc1

v5.1.0-rc2

v5.1.0-rc3

v5.2.0

v5.2.0-rc0

v5.2.0-rc1

v5.2.0-rc2

v5.2.0-rc3

v5.2.0-rc4

v6.*

v6.0.0

v6.0.0-rc0

v6.0.0-rc1

v6.0.0-rc2

v6.0.0-rc3

v6.0.0-rc4

v6.0.0-rc5

v6.1.0

v6.1.0-rc0

v6.1.0-rc1

v6.1.0-rc2

v6.1.0-rc3

v6.1.0-rc4