CVE-2021-20196

CVE-2021-20196

Vendor N/A

Product qemu

Weakness CWE-476

Published May 26, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

Key dates

02Disclosure timeline

May 26, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-20196 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/476.html

Related vulnerabilities

01Description

02Disclosure timeline

03References

04Related CVE