exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2021-3748

Status Candidate

Overview

A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process.

Related Files

Red Hat Security Advisory 2022-1759-01
Posted May 11, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1759-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, integer overflow, null pointer, out of bounds access, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-20196, CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-3622, CVE-2021-3716, CVE-2021-3748, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263, CVE-2021-3975, CVE-2021-4145
SHA-256 | cf2c26724e7650e1aeb0964cd78478438588a1ed37ddff36eb738dc4866cc442
Download | Favorite | View
Ubuntu Security Notice USN-5307-1
Posted Feb 28, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5307-1 - Gaoning Pan discovered that QEMU incorrectly handled the floppy disk emulator. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Gaoning Pan discovered that the QEMU vmxnet3 NIC emulator incorrectly handled certain values. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. It was discovered that the QEMU vhost-user GPU device contained several security issues. An attacker inside the guest could use these issues to cause QEMU to crash, resulting in a denial of service, leak sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 21.10.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-20196, CVE-2021-20203, CVE-2021-3546, CVE-2021-3682, CVE-2021-3713, CVE-2021-3748, CVE-2021-3930, CVE-2021-4158, CVE-2022-0358
SHA-256 | 93c74c6aff190d655abe77b615cbb1fdb9e7fd27501547e3980eeee5e03af9e9
Download | Favorite | View
Red Hat Security Advisory 2021-5036-04
Posted Dec 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-5036-04 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3748
SHA-256 | 9d7063a42bd394aa00c0bd3b674e852478b071e64fc87de85a22e8919cbc3c98
Download | Favorite | View
Red Hat Security Advisory 2021-4112-01
Posted Nov 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4112-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3748
SHA-256 | 41bc5c32f6e072c01efdd3178561be63c5eaeba772a0c8daab04615ea5fbe629
Download | Favorite | View
Debian Security Advisory 4980-1
Posted Oct 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4980-1 - Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service or the the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2021-3544, CVE-2021-3545, CVE-2021-3546, CVE-2021-3638, CVE-2021-3682, CVE-2021-3713, CVE-2021-3748
SHA-256 | ddc750d896a05a7739ac3c32ccc088274d91a7af3ee492e2f13ec7ec5e11244b
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close