An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest due to improper input validation. This flaw allows a privileged guest user to make QEMU allocate a large amount of memory, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2022-02-24T18:50:19
Updated: 2024-08-03T17:01:07.813Z
Reserved: 2021-06-17T00:00:00
Link: CVE-2021-3607
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-02-24T19:15:09.113
Modified: 2024-11-21T06:21:57.923
Link: CVE-2021-3607
Redhat