A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
CVSS 2: LOW – 2.1 (Version: 2.0)
CVSS 3: MEDIUM – 5.5 (Version: 3.1)
Quelle: NVD – CVE-2021-20255
Datum Veröffentlichung: 2021-03-09T20:15Z, Datum letzte Änderung: 2021-05-07T05:15Z