Published: 25/01/2022 Updated: 28/09/2022

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2

VMScore: 436

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions before 6.2.0. The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data reaches the threshold of mirroring node.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu 6.1.0
redhat enterprise linux 8.0

Synopsis Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the virt:rhel and virt-devel:rhel modules is now available for Red Ha ...

Menu Log in ...

CWE-476 https://bugzilla.redhat.com/show_bug.cgi?id=2034602 https://gitlab.com/qemu-project/qemu/-/commit/66fed30c9cd11854fc878a4eceb507e915d7c9cd https://security.netapp.com/advisory/ntap-20220311-0004/https://security.gentoo.org/glsa/202208-27 https://access.redhat.com/errata/RHSA-2022:1759 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-4145

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect