Submeter #7350: CVE-2021-3392 - Denial of Service in QEMU virtualisationinformação

TítuloCVE-2021-3392 - Denial of Service in QEMU virtualisation
DescriçãoWhile processing SCSI i/o requests in mptsas_process_scsi_io_request(), the Megaraid emulator appends new MPTSASRequest object 'req' to the 's->pending' queue. In case of an error, this same object gets dequeued in mptsas_free_request() only if SCSIRequest object 'req->sreq' is initialised. This may lead to a use-after-free issue. Unconditionally dequeue 'req' object from 's->pending' to avoid it. Source: https://bugs.launchpad.net/qemu/+bug/1914236 https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg00488.html
Fonte⚠️ https://bugs.launchpad.net/qemu/+bug/1914236
Utilizador
 CSieberg (UID 13359)
Submissão08/02/2021 11h47 (há 5 anos)
Moderação08/02/2021 13h08 (1 hour later)
EstadoAceite
Entrada VulDB169365 [QEMU 5.2.0 SCSI IO Request mptsas.c mptsas_process_scsi_io_request Excesso de tampão]
Pontos20

VoltarVisão GeralPróximo

Do you need the next level of professionalism?

Upgrade your account now!