← back
CVE-2021-3930

CVE-2021-3930

EPSS 0.3%CWE-193
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.3%KEV nãoPoC Patch referenciado
Lifecycle
18 Feb 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.
Affected products
n/a · QEMU

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.redhat.com/show_bug.cgi?id=2020588https://lists.debian.org/debian-lts-announce/2022/04/msg00002.htmlhttps://lists.debian.org/debian-lts-announce/2022/09/msg00008.htmlhttps://security.gentoo.org/glsa/202208-27https://security.netapp.com/advisory/ntap-20220225-0007/