CVE-2021-3713 log

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
An out-of-bounds write issue was found in the UAS (USB Attached SCSI) device emulation of QEMU. It occurs due to missing sanity checks in the usb_uas_handle_data() function in hw/usb/dev-uas.c. In particular, the device uses the guest-supplied stream number unchecked, which can lead to guest-triggered out-of-bounds access to the UASDevice->data3 and UASDevice->status3 fields.
Group Package Affected Fixed Severity Status Ticket
AVG-1898 qemu 6.1.0-5 Medium Vulnerable
References
https://bugzilla.redhat.com/show_bug.cgi?id=1994640
https://lists.nongnu.org/archive/html/qemu-devel/2021-08/msg02766.html