{
  "threat_severity" : "Low",
  "public_date" : "2021-01-23T00:00:00Z",
  "bugzilla" : {
    "description" : "QEMU: block: fdc: null pointer dereference may lead to guest crash",
    "id" : "1919210",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1919210"
  },
  "cvss3" : {
    "cvss3_base_score" : "3.2",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-476",
  "details" : [ "A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.", "A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability." ],
  "statement" : "This issue affects the version of the qemu-kvm package shipped with Red Hat Enterprise Linux 5, 6, 7 and 8. Future qemu-kvm package updates for Red Hat Enterprise Linux 7 and 8 may address this issue.\nThis has been rated as having Low security impact and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 5 & 6. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
  "acknowledgement" : "Red Hat would like to thank Gaoning Pan (Zhejiang University & Ant Security Light-Year Lab) for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Advanced Virtualization for RHEL 8.4.0.EUS",
    "release_date" : "2022-01-31T00:00:00Z",
    "advisory" : "RHSA-2022:0325",
    "cpe" : "cpe:/a:redhat:advanced_virtualization:8.4::el8",
    "package" : "virt:av-8040020220110150817.522a0ee4"
  }, {
    "product_name" : "Advanced Virtualization for RHEL 8.4.0.EUS",
    "release_date" : "2022-01-31T00:00:00Z",
    "advisory" : "RHSA-2022:0325",
    "cpe" : "cpe:/a:redhat:advanced_virtualization:8.4::el8",
    "package" : "virt-devel:av-8040020220110150817.522a0ee4"
  }, {
    "product_name" : "Advanced Virtualization for RHEL 8.5.0.Z",
    "release_date" : "2022-02-02T00:00:00Z",
    "advisory" : "RHSA-2022:0397",
    "cpe" : "cpe:/a:redhat:advanced_virtualization:8.5::el8",
    "package" : "virt:av-8050020220115095224.c5368500"
  }, {
    "product_name" : "Advanced Virtualization for RHEL 8.5.0.Z",
    "release_date" : "2022-02-02T00:00:00Z",
    "advisory" : "RHSA-2022:0397",
    "cpe" : "cpe:/a:redhat:advanced_virtualization:8.5::el8",
    "package" : "virt-devel:av-8050020220115095224.c5368500"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2022-05-10T00:00:00Z",
    "advisory" : "RHSA-2022:1759",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "virt-devel:rhel-8060020220408104655.d63f516d"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2022-05-10T00:00:00Z",
    "advisory" : "RHSA-2022:1759",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "virt:rhel-8060020220408104655.d63f516d"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Out of support scope",
    "package_name" : "kvm",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Out of support scope",
    "package_name" : "xen",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "qemu-kvm",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Fix deferred",
    "package_name" : "qemu-kvm",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "qemu-kvm-ma",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Fix deferred",
    "package_name" : "qemu-kvm-rhev",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8 Advanced Virtualization",
    "fix_state" : "Fix deferred",
    "package_name" : "virt:8.2/qemu-kvm",
    "cpe" : "cpe:/a:redhat:advanced_virtualization:8::el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8 Advanced Virtualization",
    "fix_state" : "Fix deferred",
    "package_name" : "virt:8.3/qemu-kvm",
    "cpe" : "cpe:/a:redhat:advanced_virtualization:8::el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8 Advanced Virtualization",
    "fix_state" : "Affected",
    "package_name" : "virt:av/qemu-kvm",
    "cpe" : "cpe:/a:redhat:advanced_virtualization:8::el8"
  }, {
    "product_name" : "Red Hat OpenStack Platform 10 (Newton)",
    "fix_state" : "Will not fix",
    "package_name" : "qemu-kvm-rhev",
    "cpe" : "cpe:/a:redhat:openstack:10"
  }, {
    "product_name" : "Red Hat OpenStack Platform 13 (Queens)",
    "fix_state" : "Will not fix",
    "package_name" : "qemu-kvm-rhev",
    "cpe" : "cpe:/a:redhat:openstack:13"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2021-20196\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-20196\nhttps://bugs.launchpad.net/qemu/+bug/1912780\nhttps://www.openwall.com/lists/oss-security/2021/01/28/1" ],
  "name" : "CVE-2021-20196",
  "csaw" : false
}