Deadlock Issue in AHCI Controller of QEMU Affects System Performance
CVE-2021-3735

4.4MEDIUM

Key Information:

Vendor

Qemu
Status
Qemu
Vendor
CVE Published:
26 August 2022

What is CVE-2021-3735?

A deadlock vulnerability in the AHCI controller of QEMU may allow a malicious privileged user within a guest environment to execute a software reset that leads to a hang in the QEMU process on the host system. This condition can ultimately result in denial of service, impacting system availability and performance. It is crucial for administrators to be aware of this issue to mitigate potential disruptions in services.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

QEMU Not Known

References

https://bugzilla.redhat.com/show_bug.cgi?id=1997184
x_refsource_MISC
https://access.redhat.com/security/cve/CVE-2021-3735
x_refsource_MISC
https://security-tracker.debian.org/tracker/CVE-2021-3735
x_refsource_MISC

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.