CVE 2021-3611
A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0.
Related bugs and status
CVE-2021-3611 (Candidate) is related to these bugs:
Bug #1907497: [OSS-Fuzz] Issue 28435 qemu:qemu-fuzz-i386-target-generic-fuzz-intel-hda: Stack-overflow in ldl_le_dma
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1907497 | [OSS-Fuzz] Issue 28435 qemu:qemu-fuzz-i386-target-generic-fuzz-intel-hda: Stack-overflow in ldl_le_dma | QEMU | Undecided | Invalid | ||
Bug #1971315: Merge qemu from Debian unstable for kinetic
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1971315 | Merge qemu from Debian unstable for kinetic | qemu (Ubuntu) | Undecided | Fix Released | ||
| 1971315 | Merge qemu from Debian unstable for kinetic | xen (Ubuntu) | Undecided | Fix Released | ||
Bug #1980896: failed to install ca-certificates-java in ppc64le systems: fatal: Tried to call a TRAP
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1980896 | failed to install ca-certificates-java in ppc64le systems: fatal: Tried to call a TRAP | qemu (Ubuntu) | Undecided | Fix Released | ||
| 1980896 | failed to install ca-certificates-java in ppc64le systems: fatal: Tried to call a TRAP | qemu (Ubuntu Focal) | Undecided | Confirmed | ||
| 1980896 | failed to install ca-certificates-java in ppc64le systems: fatal: Tried to call a TRAP | qemu (Ubuntu Bionic) | Undecided | Won't Fix | ||
| 1980896 | failed to install ca-certificates-java in ppc64le systems: fatal: Tried to call a TRAP | qemu (Ubuntu Kinetic) | Undecided | Fix Released | ||
| 1980896 | failed to install ca-certificates-java in ppc64le systems: fatal: Tried to call a TRAP | qemu (Ubuntu Impish) | Undecided | Won't Fix | ||
| 1980896 | failed to install ca-certificates-java in ppc64le systems: fatal: Tried to call a TRAP | qemu (Ubuntu Jammy) | Undecided | Fix Released | ||
Bug #1981339: [UBUNTU 22.04] s390x system emulation of QEMU has random hangs
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1981339 | [UBUNTU 22.04] s390x system emulation of QEMU has random hangs | qemu (Ubuntu) | Undecided | Fix Released | ||
| 1981339 | [UBUNTU 22.04] s390x system emulation of QEMU has random hangs | Ubuntu on IBM z Systems | Undecided | Fix Released | ||
| 1981339 | [UBUNTU 22.04] s390x system emulation of QEMU has random hangs | qemu (Ubuntu Jammy) | Undecided | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
