Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2021-3713

An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions prior to 6.2.0-rc0. The device uses the guest supplied stream number unchecked, which can lead to out-of-bounds access to the UASDevice->data3 and UASDevice->status3 fields. A malicious guest user could use this flaw to crash QEMU or potentially achieve code execution with the privileges of the QEMU process on the host.

Related bugs and status

CVE-2021-3713 (Candidate) is related to these bugs:

Bug #1959984: [22.04 FEAT] KVM: Allow long kernel command lines for QEMU

Summary				In	Importance	Status
	1959984	[22.04 FEAT] KVM: Allow long kernel command lines for QEMU		qemu (Ubuntu)	High	Fix Released
	1959984	[22.04 FEAT] KVM: Allow long kernel command lines for QEMU		Ubuntu on IBM z Systems	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugzilla.redha...
MLIST: [debian-lts-announce] ...
CONFIRM: https://security.netap...
DEBIAN: DSA-4980
GENTOO: GLSA-202208-27
MLIST: [debian-lts-announce] ...