Latest Vulnerabilities and Exploits



CVE ID:

CVE-2021-3416

Details:

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.

References:

:https://bugzilla.redhat.com/show_bug.cgi?id=1932827
:https://bugzilla.redhat.com/show_bug.cgi?id=1932827
:https://www.openwall.com/lists/oss-security/2021/02/26/1
:https://www.openwall.com/lists/oss-security/2021/02/26/1

ZeroDayLab Assigned Tags:

INFINITE LOOP VULNERABILITY
CRASH