CVE-2021-3682 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Arbitrary code execution
Description	A security issue was found in the USB redirector device emulation of QEMU. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2322	qemu	6.0.0-3	6.1.0-1	Medium	Fixed

References
https://bugzilla.redhat.com/show_bug.cgi?id=1989651 https://gitlab.com/qemu-project/qemu/-/issues/491 https://gitlab.com/qemu-project/qemu/-/commit/5e796671e6b8d5de4b0b423dce1b3eba144a92c9