CVE-2021-3930

Advisory lineage Upstream: 0 Downstream: 14
Modified
Published: 18 Feb 2022, 17:50
Last modified:03 Aug 2024, 17:09

Vulnerability Summary

Overall Risk (default)
medium
26/100
CVSS Score
6.5 MEDIUM
v3.1 (nvd)
EPSS Score
0.05% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

18 Feb 2022, 17:50
Published
Vulnerability first disclosed
03 Aug 2024, 17:09
Last Modified
Vulnerability information updated

Description

An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.

CVSS Metrics

  • v3.1MEDIUMScore: 6.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  • v2.0LOWScore: 2.1AV:L/AC:L/Au:N/C:N/I:N/A:P

EPSS Trends

Current EPSS score: 0.05% Percentile: 17%

Techniques & Countermeasures

  • CWE-193Off-by-one Error

    A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

Affected Systems

  • debiandebian_linux

    9.0 | 10.0

  • qemuqemu

    < 6.2.0

  • redhatcodeready_linux_builder

    8.0

  • redhatcodeready_linux_builder_for_ibm_z_systems

    8.0

  • redhatcodeready_linux_builder_for_power_little_endian

    8.0

  • redhatenterprise_linux

    8.0

  • redhatenterprise_linux_advanced_virtualization_eus

    8.4

  • redhatenterprise_linux_for_ibm_z_systems

    8.0

  • redhatenterprise_linux_for_power_little_endian

    8.0

  • redhatopenstack

    10 | 13

References (5)