Vulnerability Details : CVE-2021-20203
Potential exploit
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2021-20203
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-20203
0.02%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 3 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-20203
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:N/A:P |
3.9
|
2.9
|
NIST | |
3.2
|
LOW | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L |
1.5
|
1.4
|
NIST |
CWE ids for CVE-2021-20203
-
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.Assigned by:
- nvd@nist.gov (Primary)
- secalert@redhat.com (Secondary)
References for CVE-2021-20203
-
https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html
[SECURITY] [DLA 3099-1] qemu security updateMailing List;Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1922441
1922441 – (CVE-2021-20203) CVE-2021-20203 qemu: Failed malloc in vmxnet3_activate_device() in hw/net/vmxnet3.cIssue Tracking;Patch;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2021/04/msg00009.html
[SECURITY] [DLA 2623-1] qemu security updateMailing List;Third Party Advisory
-
https://bugs.launchpad.net/qemu/+bug/1913873
Bug #1913873 “QEMU: net: vmxnet: integer overflow may crash gues...” : Bugs : QEMUExploit;Patch;Third Party Advisory
-
https://security.gentoo.org/glsa/202208-27
QEMU: Multiple Vulnerabilities (GLSA 202208-27) — Gentoo securityThird Party Advisory
Jump to