QEMU Paravirtual RDMA Device Memory Remapping Vulnerability
CVE-2021-3582 · MEDIUM Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. The issue occurs while handling a "PVRDMA_CMD_CREATE_MR" command due to improper memory remapping (mremap). This flaw allows a malicious guest to crash the QEMU process on the host. The highest threat from this vulnerability is to system availability.
Learn more about our Cis Benchmark Audit For Vmware.