CVE-2021-3930 vulnerability in Canonical and Other Products
Published on February 18, 2022

An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.

Vendor Advisory NVD

Weakness Type

What is an off-by-five Vulnerability?

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

CVE-2021-3930 has been classified to as an off-by-five vulnerability or weakness.

Products Associated with CVE-2021-3930

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-3930 are published in these products:

Canonical Ubuntu Linux

QEMU

Red Hat Codeready Linux Builder

Red Hat Codeready Linux Builder Ibm Z Systems

Red Hat Codeready Linux Builder Power Little Endian

Red Hat Openstack

Red Hat Enterprise Linux (RHEL)

Red Hat Enterprise Linux Advanced Virtualization Eus

Red Hat Enterprise Linux Ibm Z Systems

Red Hat Enterprise Linux Power Little Endian

Debian Linux

Exploit Probability

EPSS

0.05%

Percentile

16.81%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-3930 vulnerability in Canonical and Other ProductsPublished on February 18, 2022

Weakness Type

What is an off-by-five Vulnerability?

Products Associated with CVE-2021-3930

Exploit Probability

CVE-2021-3930 vulnerability in Canonical and Other Products
Published on February 18, 2022