CVE-2021-20181
Summary
| CVE | CVE-2021-20181 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2021-05-13 16:15:00 UTC |
|---|
| Updated | 2023-11-07 03:28:00 UTC |
|---|
| Description | A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as system availability. |
|---|
NVD Known Affected Configurations (CPE 2.3)
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 174921 SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:1245-1)
- 174922 SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:1240-1)
- 174923 SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:1241-1)
- 174924 SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:1244-1)
- 174926 SUSE Enterprise Linux Security Update for qemu (SUSE-SU-2021:1242-1)
- 179892 Debian Security Update for qemu (CVE-2021-20181)
- 180995 Debian Security Update for qemu (DLA 3099-1)
- 502354 Alpine Linux Security Update for qemu
- 671198 EulerOS Security Update for qemu (EulerOS-SA-2022-1034)
- 671203 EulerOS Security Update for qemu (EulerOS-SA-2022-1014)
- 750338 OpenSUSE Security Update for qemu (openSUSE-SU-2021:0363-1)
- 900156 CBL-Mariner Linux Security Update for qemu-kvm 4.2.0
- 902810 Common Base Linux Mariner (CBL-Mariner) Security Update for qemu-kvm (4271)
