Soumettre #7350: CVE-2021-3392 - Denial of Service in QEMU virtualisationinformation

TitreCVE-2021-3392 - Denial of Service in QEMU virtualisation
DescriptionWhile processing SCSI i/o requests in mptsas_process_scsi_io_request(), the Megaraid emulator appends new MPTSASRequest object 'req' to the 's->pending' queue. In case of an error, this same object gets dequeued in mptsas_free_request() only if SCSIRequest object 'req->sreq' is initialised. This may lead to a use-after-free issue. Unconditionally dequeue 'req' object from 's->pending' to avoid it. Source: https://bugs.launchpad.net/qemu/+bug/1914236 https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg00488.html
La source⚠️ https://bugs.launchpad.net/qemu/+bug/1914236
Utilisateur
 CSieberg (UID 13359)
Soumission08/02/2021 11:47 (il y a 5 ans)
Modérer08/02/2021 13:08 (1 hour later)
StatutAccepté
Entrée VulDB169365 [QEMU 5.2.0 SCSI IO Request mptsas.c mptsas_process_scsi_io_request buffer overflow]
Points20

PrécédentAperçuSuivant

Do you want to use VulDB in your project?

Use the official API to access entries easily!