VDB
CVE-2021-3638
CVE-2021-3638
PUBLISHED
Es existiert eine Schwachstelle in QEMU. Sie besteht in der ATI VGA emulation und ist auf einen Out-of-Bounds-Schreibfehler zurückzuführen. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuführen.
EPSS 0.02% · 5.7th percentile
Risk Scores
EPSS Score
0.02%
5.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Source | Open Source QEMU | |
| SUSE | SUSE Linux | |
| Ubuntu | Ubuntu Linux | |
| Oracle | Oracle Linux |
Timeline
- Mar 3, 2022 CVE Published
- Mar 4, 2022 EPSS Score
- Apr 25, 2022 EPSS Score
- Jun 15, 2022 EPSS Score
- Aug 7, 2022 EPSS Score
- Sep 27, 2022 EPSS Score
- Nov 18, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 1, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 21, 2023 EPSS Score
- Jun 12, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2257.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2257 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-3638 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1979858 advisory
- https://linux.oracle.com/errata/ELSA-2023-12065.html advisory
- https://linux.oracle.com/errata/ELSA-2023-12108.html advisory
- https://ubuntu.com/security/notices/USN-6567-1 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-December/017395.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-August/016033.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-September/016281.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-October/016649.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-February/017988.html advisory
- https://ubuntu.com/security/notices/USN-6567-2 advisory
- https://linux.oracle.com/errata/ELSA-2024-12605.html advisory