CVE-2021-3682

HIGH Year: 2021
CVSS v3 Score
8.5
High
CVSS v2 Score
6.0
Medium
Weakness Type
CWE-763
View all →

Vulnerability Description

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.

Related Vulnerabilities

CVE-2022-42309

HIGH
CVSS:8.8(High)

Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xens...

CWE-7632022

CVE-2024-6607

HIGH
CVSS:8.8(High)

It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a `<select>` element over certain permission prompts. This could ...

CWE-7632024

CVE-2013-4695

HIGH
CVSS:7.8(High)

Winamp 5.63: Invalid Pointer Dereference leading to Arbitrary Code Execution

CWE-7632013

CVE-2017-0731

HIGH
CVSS:7.8(High)

A elevation of privilege vulnerability in the Android media framework (mpeg4 encoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36075363.

CWE-7632017

CVE-2017-18075

HIGH
CVSS:7.8(High)

crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_C...

CWE-7632017

CVE-2018-9557

HIGH
CVSS:7.8(High)

In really_install_package of install.cpp, there is a possible free of arbitrary memory due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileg...

CWE-7632018