Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 735
Alerts This Week
Warning Icon 1 735

Debian: DLA-2753-1 Critical Qemu Security Flaws and Fixes

debian lts
Calendar Grey September 2, 2021
Dist Debian Esm H88
Serious vulnerabilities discovered in the Qemu emulator necessitate immediate patches to avert possible attacks and system failures.
Several security vulnerabilities have been found in Qemu, a fast processor emulator

Summary

An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device
emulation of QEMU. The device uses the guest supplied stream number
unchecked, which can lead to out-of-bounds access to the UASDevice->data3
and UASDevice->status3 fields. A malicious guest user could use this flaw
to crash QEMU or potentially achieve code execution with the privileges of
the QEMU process on the host.

CVE-2021-3682

A flaw was found in the USB redirector device emulation of QEMU. It occurs
when dropping packets during a bulk transfer from a SPICE client due to the
packet queue being full. A malicious SPICE client could use this flaw to
make QEMU call free() with faked heap chunk metadata, resulting in a crash
of QEMU or potential code execution with the privileges of the QEMU process
on the host.

CVE-2021-3527

A flaw was found in the USB redirector device (usb-redir) of QEMU. Small
USB packets are combined into a single, large transfer request, to reduce

Read the Full Advisory


Severity
critical
Lowest
Low
Medium
High
Critical

-------------------------------------------------------------------------Package: qemu
Version: 1:2.8+dfsg-6+deb9u15
CVE ID: CVE-2021-3527 CVE-2021-3592 CVE-2021-3594 CVE-2021-3595
Debian Bug: 988157 989993 989995 989996 991911 992727

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.