VYPR
Unrated severityNVD Advisory· Published Feb 24, 2022· Updated Aug 3, 2024

CVE-2021-3607

CVE-2021-3607

Description

An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest due to improper input validation. This flaw allows a privileged guest user to make QEMU allocate a large amount of memory, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

23

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.