CVE-2020-27821

A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting in a denial of service. This flaw affects QEMU versions prior to 5.2.0.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

30 Sep 2022, 19:19

Type Values Removed Values Added
CPE cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
First Time Debian debian Linux
Debian
References (MLIST) https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html - (MLIST) https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html - Mailing List, Third Party Advisory

05 Sep 2022, 06:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html -

06 Aug 2022, 03:49

Type Values Removed Values Added
References (MLIST) http://www.openwall.com/lists/oss-security/2020/12/16/6 - (MLIST) http://www.openwall.com/lists/oss-security/2020/12/16/6 - Mailing List, Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20210115-0006/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20210115-0006/ - Third Party Advisory

15 Jan 2021, 11:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20210115-0006/ -

Information

Published : 2020-12-08 22:15

Updated : 2022-09-30 19:19


NVD link : CVE-2020-27821

Mitre link : CVE-2020-27821


JSON object : View

Products Affected

qemu

  • qemu

debian

  • debian_linux
CWE
CWE-787

Out-of-bounds Write

CWE-122

Heap-based Buffer Overflow