How severe is CVE-2021-3607?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6 out of 10.

What type of vulnerability is CVE-2021-3607?

This is classified as CWE-190, which is a common weakness in software security.

CVE-2021-3607 - MEDIUM Severity | CVSS 6

Vulnerability Description

An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest due to improper input validation. This flaw allows a privileged guest user to make QEMU allocate a large amount of memory, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Related Vulnerabilities

CVE-2024-45779

MEDIUM

CVSS:6.0(Medium)

An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted o...

CWE-1902024

CVE-2024-57492

MEDIUM

CVSS:6.0(Medium)

An issue in redoxOS relibc before commit 98aa4ea5 allows a local attacker to cause a denial of service via the round_up_to_page funciton.

CWE-1902024

CVE-2016-10319

MEDIUM

CVSS:5.9(Medium)

In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC can result in copying unexpectedly large data into secure memory because of integer overflows. This affects certain cases involving...

CWE-1902016

CVE-2016-6328

MEDIUM

CVSS:6.1(Medium)

A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critic...

CWE-1902016

CVE-2016-8795

MEDIUM

CVSS:5.9(Medium)

Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, ...

CWE-1902016

CVE-2018-5733

MEDIUM

CVSS:5.9(Medium)

A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash....

CWE-1902018