Description
An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.
Solution(s)
centos-upgrade-hivex centos-upgrade-hivex-debuginfo centos-upgrade-hivex-debugsource centos-upgrade-hivex-devel centos-upgrade-libguestfs centos-upgrade-libguestfs-bash-completion centos-upgrade-libguestfs-debuginfo centos-upgrade-libguestfs-debugsource centos-upgrade-libguestfs-devel centos-upgrade-libguestfs-gfs2 centos-upgrade-libguestfs-gobject centos-upgrade-libguestfs-gobject-debuginfo centos-upgrade-libguestfs-gobject-devel centos-upgrade-libguestfs-inspect-icons centos-upgrade-libguestfs-java centos-upgrade-libguestfs-java-debuginfo centos-upgrade-libguestfs-java-devel centos-upgrade-libguestfs-javadoc centos-upgrade-libguestfs-man-pages-ja centos-upgrade-libguestfs-man-pages-uk centos-upgrade-libguestfs-rescue centos-upgrade-libguestfs-rsync centos-upgrade-libguestfs-tools centos-upgrade-libguestfs-tools-c centos-upgrade-libguestfs-tools-c-debuginfo centos-upgrade-libguestfs-winsupport centos-upgrade-libguestfs-xfs centos-upgrade-libiscsi centos-upgrade-libiscsi-debuginfo centos-upgrade-libiscsi-debugsource centos-upgrade-libiscsi-devel centos-upgrade-libiscsi-utils centos-upgrade-libiscsi-utils-debuginfo centos-upgrade-libnbd centos-upgrade-libnbd-bash-completion centos-upgrade-libnbd-debuginfo centos-upgrade-libnbd-debugsource centos-upgrade-libnbd-devel centos-upgrade-libtpms centos-upgrade-libtpms-debuginfo centos-upgrade-libtpms-debugsource centos-upgrade-libtpms-devel centos-upgrade-libvirt centos-upgrade-libvirt-admin centos-upgrade-libvirt-admin-debuginfo centos-upgrade-libvirt-bash-completion centos-upgrade-libvirt-client centos-upgrade-libvirt-client-debuginfo centos-upgrade-libvirt-daemon centos-upgrade-libvirt-daemon-config-network centos-upgrade-libvirt-daemon-config-nwfilter centos-upgrade-libvirt-daemon-debuginfo centos-upgrade-libvirt-daemon-driver-interface centos-upgrade-libvirt-daemon-driver-interface-debuginfo centos-upgrade-libvirt-daemon-driver-network centos-upgrade-libvirt-daemon-driver-network-debuginfo centos-upgrade-libvirt-daemon-driver-nodedev centos-upgrade-libvirt-daemon-driver-nodedev-debuginfo centos-upgrade-libvirt-daemon-driver-nwfilter centos-upgrade-libvirt-daemon-driver-nwfilter-debuginfo centos-upgrade-libvirt-daemon-driver-qemu centos-upgrade-libvirt-daemon-driver-qemu-debuginfo centos-upgrade-libvirt-daemon-driver-secret centos-upgrade-libvirt-daemon-driver-secret-debuginfo centos-upgrade-libvirt-daemon-driver-storage centos-upgrade-libvirt-daemon-driver-storage-core centos-upgrade-libvirt-daemon-driver-storage-core-debuginfo centos-upgrade-libvirt-daemon-driver-storage-disk centos-upgrade-libvirt-daemon-driver-storage-disk-debuginfo centos-upgrade-libvirt-daemon-driver-storage-gluster centos-upgrade-libvirt-daemon-driver-storage-gluster-debuginfo centos-upgrade-libvirt-daemon-driver-storage-iscsi centos-upgrade-libvirt-daemon-driver-storage-iscsi-debuginfo centos-upgrade-libvirt-daemon-driver-storage-iscsi-direct centos-upgrade-libvirt-daemon-driver-storage-iscsi-direct-debuginfo centos-upgrade-libvirt-daemon-driver-storage-logical centos-upgrade-libvirt-daemon-driver-storage-logical-debuginfo centos-upgrade-libvirt-daemon-driver-storage-mpath centos-upgrade-libvirt-daemon-driver-storage-mpath-debuginfo centos-upgrade-libvirt-daemon-driver-storage-rbd centos-upgrade-libvirt-daemon-driver-storage-rbd-debuginfo centos-upgrade-libvirt-daemon-driver-storage-scsi centos-upgrade-libvirt-daemon-driver-storage-scsi-debuginfo centos-upgrade-libvirt-daemon-kvm centos-upgrade-libvirt-dbus centos-upgrade-libvirt-dbus-debuginfo centos-upgrade-libvirt-dbus-debugsource centos-upgrade-libvirt-debuginfo centos-upgrade-libvirt-debugsource centos-upgrade-libvirt-devel centos-upgrade-libvirt-docs centos-upgrade-libvirt-libs centos-upgrade-libvirt-libs-debuginfo centos-upgrade-libvirt-lock-sanlock centos-upgrade-libvirt-lock-sanlock-debuginfo centos-upgrade-libvirt-nss centos-upgrade-libvirt-nss-debuginfo centos-upgrade-libvirt-python-debugsource centos-upgrade-lua-guestfs centos-upgrade-lua-guestfs-debuginfo centos-upgrade-nbdfuse centos-upgrade-nbdfuse-debuginfo centos-upgrade-nbdkit centos-upgrade-nbdkit-bash-completion centos-upgrade-nbdkit-basic-filters centos-upgrade-nbdkit-basic-filters-debuginfo centos-upgrade-nbdkit-basic-plugins centos-upgrade-nbdkit-basic-plugins-debuginfo centos-upgrade-nbdkit-curl-plugin centos-upgrade-nbdkit-curl-plugin-debuginfo centos-upgrade-nbdkit-debuginfo centos-upgrade-nbdkit-debugsource centos-upgrade-nbdkit-devel centos-upgrade-nbdkit-example-plugins centos-upgrade-nbdkit-example-plugins-debuginfo centos-upgrade-nbdkit-gzip-filter centos-upgrade-nbdkit-gzip-filter-debuginfo centos-upgrade-nbdkit-gzip-plugin centos-upgrade-nbdkit-gzip-plugin-debuginfo centos-upgrade-nbdkit-linuxdisk-plugin centos-upgrade-nbdkit-linuxdisk-plugin-debuginfo centos-upgrade-nbdkit-nbd-plugin centos-upgrade-nbdkit-nbd-plugin-debuginfo centos-upgrade-nbdkit-python-plugin centos-upgrade-nbdkit-python-plugin-debuginfo centos-upgrade-nbdkit-server centos-upgrade-nbdkit-server-debuginfo centos-upgrade-nbdkit-ssh-plugin centos-upgrade-nbdkit-ssh-plugin-debuginfo centos-upgrade-nbdkit-tar-filter centos-upgrade-nbdkit-tar-filter-debuginfo centos-upgrade-nbdkit-tar-plugin centos-upgrade-nbdkit-tar-plugin-debuginfo centos-upgrade-nbdkit-tmpdisk-plugin centos-upgrade-nbdkit-tmpdisk-plugin-debuginfo centos-upgrade-nbdkit-vddk-plugin centos-upgrade-nbdkit-vddk-plugin-debuginfo centos-upgrade-nbdkit-xz-filter centos-upgrade-nbdkit-xz-filter-debuginfo centos-upgrade-netcf centos-upgrade-netcf-debuginfo centos-upgrade-netcf-debugsource centos-upgrade-netcf-devel centos-upgrade-netcf-libs centos-upgrade-netcf-libs-debuginfo centos-upgrade-ocaml-hivex centos-upgrade-ocaml-hivex-debuginfo centos-upgrade-ocaml-hivex-devel centos-upgrade-ocaml-libguestfs centos-upgrade-ocaml-libguestfs-debuginfo centos-upgrade-ocaml-libguestfs-devel centos-upgrade-ocaml-libnbd centos-upgrade-ocaml-libnbd-debuginfo centos-upgrade-ocaml-libnbd-devel centos-upgrade-perl-hivex centos-upgrade-perl-hivex-debuginfo centos-upgrade-perl-sys-guestfs centos-upgrade-perl-sys-guestfs-debuginfo centos-upgrade-perl-sys-virt centos-upgrade-perl-sys-virt-debuginfo centos-upgrade-perl-sys-virt-debugsource centos-upgrade-python3-hivex centos-upgrade-python3-hivex-debuginfo centos-upgrade-python3-libguestfs centos-upgrade-python3-libguestfs-debuginfo centos-upgrade-python3-libnbd centos-upgrade-python3-libnbd-debuginfo centos-upgrade-python3-libvirt centos-upgrade-python3-libvirt-debuginfo centos-upgrade-python3-pyvmomi centos-upgrade-qemu-guest-agent centos-upgrade-qemu-guest-agent-debuginfo centos-upgrade-qemu-img centos-upgrade-qemu-img-debuginfo centos-upgrade-qemu-kiwi centos-upgrade-qemu-kiwi-debuginfo centos-upgrade-qemu-kvm centos-upgrade-qemu-kvm-block-curl centos-upgrade-qemu-kvm-block-curl-debuginfo centos-upgrade-qemu-kvm-block-gluster centos-upgrade-qemu-kvm-block-gluster-debuginfo centos-upgrade-qemu-kvm-block-iscsi centos-upgrade-qemu-kvm-block-iscsi-debuginfo centos-upgrade-qemu-kvm-block-rbd centos-upgrade-qemu-kvm-block-rbd-debuginfo centos-upgrade-qemu-kvm-block-ssh centos-upgrade-qemu-kvm-block-ssh-debuginfo centos-upgrade-qemu-kvm-common centos-upgrade-qemu-kvm-common-debuginfo centos-upgrade-qemu-kvm-core centos-upgrade-qemu-kvm-core-debuginfo centos-upgrade-qemu-kvm-debuginfo centos-upgrade-qemu-kvm-debugsource centos-upgrade-qemu-kvm-docs centos-upgrade-qemu-kvm-tests centos-upgrade-qemu-kvm-tests-debuginfo centos-upgrade-ruby-hivex centos-upgrade-ruby-hivex-debuginfo centos-upgrade-ruby-libguestfs centos-upgrade-ruby-libguestfs-debuginfo centos-upgrade-seabios centos-upgrade-seabios-bin centos-upgrade-seavgabios-bin centos-upgrade-sgabios centos-upgrade-sgabios-bin centos-upgrade-supermin centos-upgrade-supermin-debuginfo centos-upgrade-supermin-debugsource centos-upgrade-supermin-devel centos-upgrade-swtpm centos-upgrade-swtpm-debuginfo centos-upgrade-swtpm-debugsource centos-upgrade-swtpm-devel centos-upgrade-swtpm-libs centos-upgrade-swtpm-libs-debuginfo centos-upgrade-swtpm-tools centos-upgrade-swtpm-tools-debuginfo centos-upgrade-virt-dib centos-upgrade-virt-dib-debuginfo centos-upgrade-virt-v2v centos-upgrade-virt-v2v-bash-completion centos-upgrade-virt-v2v-debuginfo centos-upgrade-virt-v2v-debugsource centos-upgrade-virt-v2v-man-pages-ja centos-upgrade-virt-v2v-man-pages-uk
ReferencesCESA-2021:1125 CVE-2021-20221