CVE-2021-3930

MEDIUM Year: 2021
CVSS v3 Score
6.5
Medium
CVSS v2 Score
2.1
Low
Weakness Type
CWE-193
View all →

Vulnerability Description

An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.

Related Vulnerabilities

CVE-2015-8701

MEDIUM
CVSS:6.5(Medium)

QEMU (aka Quick Emulator) built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit (tx) descriptors in 'tx_consume' routine, if a descr...

CWE-1932015

CVE-2018-14679

MEDIUM
CVSS:6.5(Medium)

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitiali...

CWE-1932018

CVE-2018-5800

MEDIUM
CVSS:6.5(Medium)

An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subse...

CWE-1932018

CVE-2019-10131

MEDIUM
CVSS:6.5(Medium)

An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end ...

CWE-1932019

CVE-2020-27171

MEDIUM
CVSS:6.0(Medium)

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic,...

CWE-1932020

CVE-2019-12521

MEDIUM
CVSS:5.9(Medium)

An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement...

CWE-1932019