Showing 1 - 6 of 6

CVE-2021-3929

Status Candidate

Overview

A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function nvme_ctrl_reset(), data structs will be freed leading to a use-after-free issue. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition or, potentially, executing arbitrary code within the context of the QEMU process on the host.

Related Files

Ubuntu Security Notice USN-5489-1: Posted Jun 21, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5489-1 - Alexander Bulekov discovered that QEMU incorrectly handled floppy disk emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly leak sensitive information. It was discovered that QEMU incorrectly handled NVME controller emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2021-3507, CVE-2021-3929, CVE-2022-0358, CVE-2022-26353, CVE-2022-26354; SHA-256 | 5e7afcf473dc350167fc86323143e719c2f4a10a84ed04040691851b4e79d4b6; Download | Favorite | View

Red Hat Security Advisory 2022-4814-01: Posted May 31, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-4814-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include denial of service and memory exhaustion vulnerabilities.; tags | advisory, web, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2018-25032, CVE-2020-0404, CVE-2020-13974, CVE-2020-19131, CVE-2020-27820, CVE-2020-35492, CVE-2020-4788, CVE-2021-0941, CVE-2021-20322, CVE-2021-21781, CVE-2021-26401, CVE-2021-29154, CVE-2021-3612, CVE-2021-3634, CVE-2021-3669, CVE-2021-37159, CVE-2021-3737, CVE-2021-3743, CVE-2021-3744, CVE-2021-3752, CVE-2021-3759, CVE-2021-3764, CVE-2021-3772, CVE-2021-3773, CVE-2021-3807, CVE-2021-39293, CVE-2021-4002; SHA-256 | de3fa8ee040cf6c28c1affa37a50086f48d77a4fce95eaf6d26445098ef47a20; Download | Favorite | View

Red Hat Security Advisory 2022-1819-01: Posted May 11, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1819-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Issues addressed include a memory exhaustion vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2021-38297, CVE-2021-39293, CVE-2021-41771, CVE-2021-41772, CVE-2022-23772, CVE-2022-23773, CVE-2022-23806; SHA-256 | 0cef4f3cb238b44324063cb73b26ab3a647c83018d6eeb756322cd435509f3e0; Download | Favorite | View

Red Hat Security Advisory 2022-0655-01: Posted Mar 1, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0655-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.23. Issues addressed include a memory exhaustion vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2021-39293; SHA-256 | 3e043d2935f40660cdd00df903b9330458addc092fa78100d8433379125b23a7; Download | Favorite | View

Red Hat Security Advisory 2022-0432-04: Posted Feb 4, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0432-04 - Red Hat OpenShift Serverless Client kn 1.20.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.20.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. Issues addressed include a memory exhaustion vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2021-29923, CVE-2021-38297, CVE-2021-39293; SHA-256 | 5fdc41d654a493f55d6eb41d435bfb23ba9545d42e2ecfeed0dcc24a411429e1; Download | Favorite | View

NetModule Router Software Password Handling / Session Fixation: Posted Aug 20, 2021; Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com; NetModule Router Software versions prior to 4.3.0.113, 4.4.0.111, and 4.5.0.105 suffer from insecure password handling and session fixation vulnerabilities.; tags | exploit, vulnerability; advisories | CVE-2021-39289, CVE-2021-39290, CVE-2021-39291; SHA-256 | 55c2cd76e6eb849928d497ed398e7ef24c35c003556aab944b5829e79cdf8dc6; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 242 files
Ubuntu 93 files
Gentoo 31 files
Debian 21 files
tmrswrr 9 files
Sina Kheirkhah 7 files
bRpsd 4 files
Amit Roy 4 files
Aslam Anwar Mahimkar 3 files
nu11secur1ty 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,075)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,322)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,252)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,647)
UNIX (9,424)
UnixWare (187)
Windows (6,665)
Other

CVE-2021-3929

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems