中危 qemu qemu 跨界内存读

CVE编号

CVE-2021-20295

利用情况

暂无

补丁情况

没有补丁

披露时间

2022-04-02

漏洞描述

It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 (https://access.redhat.com/errata/RHSA-2020:4676) erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in virt:rhel/qemu-kvm via erratum RHSA-2020:4059 (https://access.redhat.com/errata/RHSA-2020:4059). CVE-2021-20295 was assigned to that Red Hat specific security regression. For more details about the original security issue CVE-2020-10756, refer to bug 1835986 or the CVE page: https://access.redhat.com/security/cve/CVE-2020-10756.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
https://access.redhat.com/security/cve/CVE-2020-10756
https://bugzilla.redhat.com/show_bug.cgi?id=1944075
https://security.netapp.com/advisory/ntap-20220519-0003/

受影响软件情况

#	类型	厂商	产品	版本	影响面
1
	运行在以下环境
	应用	qemu	qemu	*		Up to (excluding) 4.2.0-34
	运行在以下环境
	系统	centos_8	libvirt-daemon-driver-nodedev	*		Up to (excluding) 4.2.0-34.module+el8.3.0+10437+1ca0c2ba.5
	运行在以下环境
	系统	debian_10	qemu	*		Up to (excluding) 3.1+dfsg-8+deb10u8
	运行在以下环境
	系统	debian_11	qemu	*		Up to (excluding) 5.2+dfsg-11+deb11u3
	运行在以下环境
	系统	debian_12	qemu	*		Up to (excluding) 7.2+dfsg-7+deb12u2
	运行在以下环境
	系统	debian_sid	qemu	*		Up to (excluding) 8.1.2+ds-1
	运行在以下环境
	系统	oracle_8	libvirt-daemon-driver-storage-gluster	*		Up to (excluding) 1.40.2-25.0.1.module+el8.3.0+7860+a7792d29
	运行在以下环境
	系统	redhat_8	libvirt-daemon-driver-nodedev	*		Up to (excluding) 4.2.0-34.module+el8.3.0+10437+1ca0c2ba.5

阿里云评分 5.7

• 攻击路径 本地
• 攻击复杂度 容易
• 权限要求 普通权限
• 影响范围 全局影响
• EXP成熟度 未验证
• 补丁情况 没有补丁
• 数据保密性 数据泄露
• 数据完整性 无影响
• 服务器危害 无影响
• 全网数量 N/A

CWE-ID	漏洞类型
CWE-125	跨界内存读

Exp相关链接

- avd.aliyun.com