QEMU Paravirtual RDMA Device Memory Remapping Vulnerability

QEMU Paravirtual RDMA Device Memory Remapping Vulnerability

CVE-2021-3582 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. The issue occurs while handling a "PVRDMA_CMD_CREATE_MR" command due to improper memory remapping (mremap). This flaw allows a malicious guest to crash the QEMU process on the host. The highest threat from this vulnerability is to system availability.

Learn more about our Cis Benchmark Audit For Vmware.