An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest due to improper input validation. This flaw allows a privileged guest user to make QEMU allocate a large amount of memory, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2022-02-24T18:50:19

Updated: 2024-08-03T17:01:07.813Z

Reserved: 2021-06-17T00:00:00

Link: CVE-2021-3607

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-02-24T19:15:09.113

Modified: 2024-11-21T06:21:57.923

Link: CVE-2021-3607

cve-icon Redhat

Severity : Low

Publid Date: 2021-06-17T00:00:00Z

Links: CVE-2021-3607 - Bugzilla