CVE-2021-3544

Summary

Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime.

Affected Software

VendorProductVersion RangeStatus
n/aQEMUAll QEMU versions up to and including 6.0affected

Weaknesses

  • CWE-401: CWE-401

ADP Enrichment

CVE Program Container

Additional References

References