CVE-2021-4145

A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions prior to 6.2.0. The self pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to crash the QEMU process on the host when writing data reaches the threshold of mirroring node.

Published: Jan 25, 2022
Updated: Apr 14, 2023
CVE: CVE-2021-4145
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CVSS v2:

Severity: Low
Score: 4.9
AV:L/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-476

Affected Software
References

Software	From	Fixed in
qemu / qemu	6.1.0-rc1	6.1.0-rc1.x
qemu / qemu	6.1.0	6.1.0.x
qemu / qemu	6.1.0-rc2	6.1.0-rc2.x
qemu / qemu	6.1.0-rc3	6.1.0-rc3.x
qemu / qemu	6.1.0-rc4	6.1.0-rc4.x
qemu / qemu	6.1.0-rc0	6.1.0-rc0.x
redhat / enterprise_linux	8.0	8.0.x

https://bugzilla.redhat.com/show_bug.cgi?id=2034602
https://gitlab.com/qemu-project/qemu/-/commit/66fed30c9cd11854fc878a4eceb507e915d7c9cd
https://security.gentoo.org/glsa/202208-27
https://security.netapp.com/advisory/ntap-20220311-0004/

Vulnerability Database

CVE-2021-4145