CVE-2021-20221 - log

CVE-2021-20221 edited at 05 Feb 2021 08:47:24
Description
- A security issue was found in QEMU. When using the non-default option kernel-irqchip=off, undefined behaviour can lead to a heap buffer overflow.
+ An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in a denial of service scenario. Exploiting this issue requires an unusual kernel start-up with 'kernel-irqchip=off'.
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1924601
+ https://www.openwall.com/lists/oss-security/2021/02/05/1
https://bugs.launchpad.net/qemu/+bug/1914353
+ https://gitlab.com/qemu-project/qemu/-/commit/edfe2eb4360cde4ed5d95bda7777edcb3510f76a
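Review bot: the Type field is not touched in this edit, so it still reads "Arbitrary code execution" from the 03 Feb 2021 edit, while the new Description limits the impact to a privileged guest user crashing the QEMU process on the host (denial of service). Either align Type with the described impact or add a Notes line explaining why the out-of-bounds heap access is classified more broadly than the description states. The Description also drops the earlier statement that kernel-irqchip=off is a non-default option and now calls it only "an unusual kernel start-up", so it is worth keeping the Notes workaround (kernel-irqchip=on) visible next to it.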
CVE-2021-20221 edited at 03 Feb 2021 10:43:13
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ A security issue was found in QEMU. When using the non-default option kernel-irqchip=off, undefined behaviour can lead to a heap buffer overflow.
References
+ https://bugzilla.redhat.com/show_bug.cgi?id=1924601
+ https://bugs.launchpad.net/qemu/+bug/1914353
Notes
+ Workaround
+ ==========
+
+ The issue can be mitigated by using kernel-irqchip=on, which constitutes the recommended default setting of this option.
CVE-2021-20221 created at 03 Feb 2021 10:37:12
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes