First published: Fri Nov 05 2021(Updated: )
An off-by-one error was found in the SCSI Device emulation in QEMU. It could occur in hw/scsi/scsi-disk.c:mode_sense_page() while processing MODE SELECT commands if 'page' was set to MODE_PAGE_ALLS (0x3f). Specifically, 'page' was used to index the stack-allocated 'mode_sense_valid' buffer (size=0x3f), causing an off-by-one error when trying to access the last element. A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/qemu-kvm | <6.2.0 | 6.2.0 |
QEMU qemu | <6.2.0 | |
Redhat Codeready Linux Builder | =8.0 | |
Redhat Codeready Linux Builder For Ibm Z Systems | =8.0 | |
Redhat Codeready Linux Builder For Power Little Endian | =8.0 | |
Redhat Openstack | =10 | |
Redhat Openstack | =13 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux Advanced Virtualization Eus | =8.4 | |
Redhat Enterprise Linux For Ibm Z Systems | =8.0 | |
Redhat Enterprise Linux For Power Little Endian | =8.0 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
debian/qemu | <=1:5.2+dfsg-11+deb11u2 | 1:5.2+dfsg-11+deb11u3 1:7.2+dfsg-7+deb12u7 1:9.1.2+ds-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-3930 is an off-by-one error found in the SCSI device emulation in QEMU.
CVE-2021-3930 could potentially crash QEMU, resulting in a denial of service condition.
QEMU versions up to and excluding 6.2.0 are affected by CVE-2021-3930.
CVE-2021-3930 has a severity rating of 6.5 (medium).
You can find more information about CVE-2021-3930 on the Red Hat Bugzilla and NetApp security advisory websites, as well as the Debian LTS announce mailing list.