CVE-2021-20203

Summary

An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

Affected Software

VendorProductVersion RangeStatus
n/aqemuversions up to v5.2.0affected

Weaknesses

  • CWE-190: CWE-190

ADP Enrichment

CVE Program Container

Additional References

References