Log

AVG-1898 edited at 25 Aug 2021 10:40:43
Issues
CVE-2020-14394
CVE-2021-3507
- CVE-2021-3527
- CVE-2021-3544
- CVE-2021-3545
- CVE-2021-3546
- CVE-2021-3582
- CVE-2021-3607
- CVE-2021-3608
CVE-2021-3611
CVE-2021-3638
- CVE-2021-3682
CVE-2021-3713
CVE-2021-3735
CVE-2021-20196
CVE-2021-20203
CVE-2021-20255
CVE-2021-3608 edited at 25 Aug 2021 10:30:41
References
https://bugzilla.redhat.com/show_bug.cgi?id=1973383
+ https://gitlab.com/qemu-project/qemu/-/commit/66ae37d8cc313f89272e711174a846a229bcdbd3
CVE-2021-3607 edited at 25 Aug 2021 10:29:58
References
https://bugzilla.redhat.com/show_bug.cgi?id=1973349
+ https://gitlab.com/qemu-project/qemu/-/commit/32e5703cfea07c91e6e84bcb0313f633bb146534
CVE-2021-3582 edited at 25 Aug 2021 10:28:59
References
https://bugzilla.redhat.com/show_bug.cgi?id=1966266
- https://lists.nongnu.org/archive/html/qemu-devel/2021-06/msg04148.html
+ https://gitlab.com/qemu-project/qemu/-/commit/284f191b4abad213aed04cb0458e1600fd18d7c4
CVE-2021-3735 edited at 25 Aug 2021 10:23:50
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ A deadlock issue was found in the AHCI controller device (ich9-ahci) of QEMU while handling a host-to-device Register FIS (Frame Information Structure) packet from the guest. The bug is triggered on a software reset (ahci_reset_port) in the handle_reg_h2d_fis() function [1]. A privileged user inside the guest could use this flaw to hang the QEMU process on the host, resulting in a denial of service condition.
References
+ https://bugzilla.redhat.com/show_bug.cgi?id=1997184
AVG-1898 edited at 25 Aug 2021 10:23:28
Issues
CVE-2020-14394
CVE-2021-3507
CVE-2021-3527
CVE-2021-3544
CVE-2021-3545
CVE-2021-3546
CVE-2021-3582
CVE-2021-3607
CVE-2021-3608
CVE-2021-3611
CVE-2021-3638
CVE-2021-3682
CVE-2021-3713
+ CVE-2021-3735
CVE-2021-20196
CVE-2021-20203
CVE-2021-20255
CVE-2021-3735 created at 25 Aug 2021 10:23:28
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes
CVE-2021-32781 edited at 25 Aug 2021 10:20:01
Severity
- Unknown
+ High
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability that affects Envoy’s decompressor, json-transcoder or grpc-web extensions or proprietary extensions that modify and increase the size of request or response bodies. Modifying and increasing the size of the body in an Envoy extension beyond the internal buffer size could lead to Envoy accessing deallocated memory and terminating abnormally.
References
+ https://istio.io/latest/news/security/istio-security-2021-008/#cve-2021-32781
CVE-2021-32780 edited at 25 Aug 2021 10:19:12
Description
- Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability where an untrusted upstream service could cause Envoy to terminate abnormally by sending the GOAWAY frame followed by the SETTINGS frame with the SETTINGS_MAX_CONCURRENT_STREAMS parameter set to 0. See CVE-2021-32780 for more information.
+ Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability where an untrusted upstream service could cause Envoy to terminate abnormally by sending the GOAWAY frame followed by the SETTINGS frame with the SETTINGS_MAX_CONCURRENT_STREAMS parameter set to 0.
CVE-2021-32778 edited at 25 Aug 2021 10:19:04
Description
- Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability where an Envoy client opening and then resetting a large number of HTTP/2 requests could lead to excessive CPU consumption. See CVE-2021-32778 for for information.
+ Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability where an Envoy client opening and then resetting a large number of HTTP/2 requests could lead to excessive CPU consumption.
CVE-2021-32777 edited at 25 Aug 2021 10:18:55
Description
- Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability that an HTTP request with multiple value headers could do an incomplete authorization policy check when the ext_authz extension is used. When a request header contains multiple values, the external authorization server will only see the last value of the given header. See CVE-2021-32777 for more information.
+ Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability that an HTTP request with multiple value headers could do an incomplete authorization policy check when the ext_authz extension is used. When a request header contains multiple values, the external authorization server will only see the last value of the given header.