CVE-2021-20221

An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:arm64:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

30 Sep 2022, 15:18

Type Values Removed Values Added
CPE cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
References (MLIST) https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html - (MLIST) https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html - Mailing List, Third Party Advisory

05 Sep 2022, 06:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html -

10 Dec 2021, 19:56

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20210708-0005/ - Third Party Advisory
CPE cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:* cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:arm64:*

04 Jun 2021, 16:35

Type Values Removed Values Added
CWE CWE-787
CWE-125
CVSS v2 : unknown
v3 : unknown
v2 : 2.1
v3 : 6.0
CPE cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*
cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*
References (MLIST) http://www.openwall.com/lists/oss-security/2021/02/05/1 - (MLIST) http://www.openwall.com/lists/oss-security/2021/02/05/1 - Mailing List, Patch, Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2021/02/msg00024.html - (MLIST) https://lists.debian.org/debian-lts-announce/2021/02/msg00024.html - Mailing List, Third Party Advisory
References (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1924601 - (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1924601 - Issue Tracking, Patch, Third Party Advisory

13 May 2021, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-05-13 16:15

Updated : 2022-09-30 15:18


NVD link : CVE-2021-20221

Mitre link : CVE-2021-20221


JSON object : View

Products Affected

debian

  • debian_linux

redhat

  • enterprise_linux

qemu

  • qemu
CWE
CWE-125

Out-of-bounds Read

CWE-787

Out-of-bounds Write