CVE-2021-4207

A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Information

Published : 2022-04-29 10:15

Updated : 2022-11-29 08:21


NVD link : CVE-2021-4207

Mitre link : CVE-2021-4207


JSON object : View

CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Advertisement

dedicated server usa

Products Affected

debian

  • debian_linux

redhat

  • enterprise_linux

qemu

  • qemu