Wind River Support Network

HomeDefectsLIN1019-6099
Acknowledged

LIN1019-6099 : Security Advisory - qemu - CVE-2021-20255

Created: Feb 22, 2021    Updated: Feb 28, 2021
Found In Version: 10.19.45.1
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Userspace

Description

A stack overflow via infinite recursion issue was found in the eepro100 i8255x device emulator of QEMU. It could occur while processing controller commands due to DMA re-entrancy issue. A guest user/process may use this flaw to consume cpu cycles or crash the QEMU process on the host resulting in DoS scenario.c

https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html

CREATE(Triage):(User=admin) [CVE-2021-20255|https://nvd.nist.gov/vuln/detail/CVE-2021-20255]
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube