CVE-2021-20181

Published: May 13, 2021Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Exploitability: 0.8 / Impact: 6.0

Source: NVD

Description

A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as system availability.

Affected (3)

Products: Qemu: Qemu · Debian: Debian Linux

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Qemu Qemu	Up to 5.2.0

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 9.0

Related CWEs

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.

References (10)

https://bugzilla.redhat.com/show_bug.cgi?id=1927007

Source: secalert@redhat.com

Issue TrackingPatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2021/02/msg00024.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://security.netapp.com/advisory/ntap-20210720-0009/

Source: secalert@redhat.com

Third Party Advisory

https://www.zerodayinitiative.com/advisories/ZDI-21-159/

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1927007

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2021/02/msg00024.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://security.netapp.com/advisory/ntap-20210720-0009/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.zerodayinitiative.com/advisories/ZDI-21-159/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.