Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2021-3416

Published: 18 March 2021

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.

Priority

Low

Cvss 3 Severity Score

6.0

Score breakdown

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian 		bionic
Released (1:2.11+dfsg-1ubuntu7.37)
focal
Released (1:4.2-3ubuntu6.17)
groovy
Released (1:5.0-5ubuntu9.9)
hirsute Not vulnerable
(1:5.2+dfsg-9ubuntu3)
impish Not vulnerable
(1:5.2+dfsg-9ubuntu3)
jammy Not vulnerable
(1:5.2+dfsg-9ubuntu3)
kinetic Not vulnerable
(1:5.2+dfsg-9ubuntu3)
lunar Not vulnerable
(1:5.2+dfsg-9ubuntu3)
trusty Needed

upstream Needs triage

xenial Needed

Patches:
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=705df5466c98f3efdd2b68d3b31dad86858acad7
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=1caff0340f49c93d535c6558a5138d20d475315c
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=331d2ac9ea307c990dc86e6493e8f0c48d14bb33
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=26194a58f4eb83c5bdf4061a1628508084450ba1
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=8c92060d3c0248bd4d515719a35922cd2391b9b4
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=8c552542b81e56ff532dd27ec6e5328954bdda73
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=5311fb805a4403bba024e83886fa0e7572265de4
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=99ccfaa1edafd79f7a3a0ff7b58ae4da7c514928
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=e73adfbeec9d4e008630c814759052ed945c3fed
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=37cee01784ff0df13e5209517e1b3594a5e792d1
qemu-kvm
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

impish Does not exist

jammy Does not exist

kinetic Does not exist

lunar Does not exist

trusty Does not exist

upstream Needs triage

xenial Does not exist

Severity score breakdown

Parameter Value
Base score 6.0
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Scope Changed
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading