Wind River Support Network

HomeDefectsLIN1022-344
Acknowledged

LIN1022-344 : Security Advisory - qemu - CVE-2021-20255

Created: Apr 29, 2022    Updated: Jul 20, 2023
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

A stack overflow via infinite recursion issue was found in the eepro100 i8255x device emulator of QEMU. It could occur while processing controller commands due to DMA re-entrancy issue. A guest user/process may use this flaw to consume cpu cycles or crash the QEMU process on the host resulting in DoS scenario.c

https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg06098.html

CREATE(Triage):(User=admin) CVE-2021-20255 (https://nvd.nist.gov/vuln/detail/CVE-2021-20255)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube