CVE-2021-3582: QEMU VMware paravirtual RDMA device vulnerability allows guest to crash host QEMU process


Description Preview

A vulnerability was discovered in QEMU's implementation of VMware's paravirtual RDMA device. While handling the "PVRDMA_CMD_CREATE_MR" command, the device performs an improper memory remapping (mremap), which a malicious guest can exploit to crash the QEMU process running on the host. The impact is primarily on availability: the guest can mount a denial-of-service attack against the host.

Overview

CVE-2021-3582 is a buffer overflow vulnerability (CWE-119) in QEMU's implementation of VMware's paravirtual RDMA device. The flaw occurs during processing of the "PVRDMA_CMD_CREATE_MR" command, where a guest operating system can trigger improper memory remapping operations. A malicious guest that exploits it can crash the QEMU process on the host, causing a denial of service. The threat is primarily to system availability, since it lets guests disrupt host operations.

Remediation

To address this vulnerability, system administrators should:

  1. Update QEMU to the latest version that contains the fix for CVE-2021-3582
  2. Apply vendor-specific patches as they become available
  3. If updates cannot be applied immediately, consider disabling the VMware paravirtual RDMA device functionality if it is not required
  4. Ensure that only trusted guests are allowed to run on affected QEMU instances
  5. Monitor system logs for any unusual crashes in QEMU processes that might indicate exploitation attempts
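
To support step 3, a host-side check for running QEMU processes that have the paravirtual RDMA device configured. This is an added example, not code from the advisory or from QEMU; it assumes a Linux host with a readable /proc and that the device appears on the QEMU command line under its driver name `pvrdma`. The sample command line is constructed.

```python
import json
import os

# Constructed sample argv for illustration (not taken from the advisory).
SAMPLE_ARGV = ["/usr/bin/qemu-system-x86_64", "-m", "2048",
               "-device", "pvrdma,addr=10.1,ibdev=rxe0"]

def device_driver(spec):
    """Return the driver name from a -device argument (classic or JSON syntax)."""
    spec = spec.strip()
    if spec.startswith("{"):
        try:
            return str(json.loads(spec).get("driver", ""))
        except ValueError:
            return ""
    first = spec.split(",", 1)[0]
    # Classic syntax: first token is the driver, optionally written driver=NAME.
    return first[len("driver="):] if first.startswith("driver=") else first

def pvrdma_devices(argv):
    """Return every -device spec in a QEMU argv whose driver is pvrdma."""
    hits = []
    for opt, val in zip(argv, argv[1:]):
        if opt in ("-device", "--device") and device_driver(val) == "pvrdma":
            hits.append(val)
    return hits

def scan_proc(proc_root="/proc"):
    """Map pid -> pvrdma device specs for running QEMU processes."""
    found = {}
    for pid in filter(str.isdigit, os.listdir(proc_root)):
        try:
            with open(os.path.join(proc_root, pid, "cmdline"), "rb") as fh:
                argv = fh.read().decode(errors="replace").split("\0")
        except OSError:
            continue  # process exited or cmdline not readable
        if argv and "qemu" in os.path.basename(argv[0]):
            hits = pvrdma_devices(argv)
            if hits:
                found[int(pid)] = hits
    return found

if __name__ == "__main__":
    print("sample:", pvrdma_devices(SAMPLE_ARGV))
    for pid, specs in sorted(scan_proc().items()):
        print(f"pid {pid}: pvrdma device configured: {specs}")
```

Run it as a user that can read other users' /proc entries (typically root); guests it reports are the ones to patch first or reconfigure without the device.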

References

  1. Red Hat Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1966266
  2. Debian Security Advisory: https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html
  3. Gentoo Linux Security Advisory: https://security.gentoo.org/glsa/202208-27
  4. NetApp Security Advisory: https://security.netapp.com/advisory/ntap-20220429-0003/

Industry Exposure (most to least)
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Manufacturing
  2. Utilities
  3. Arts, Entertainment & Recreation
  4. Health Care & Social Assistance
  5. Professional, Scientific, & Technical Services
  6. Finance and Insurance
  7. Educational Services
  8. Management of Companies & Enterprises
  9. Other Services (except Public Administration)
  10. Public Administration
  11. Transportation & Warehousing
  12. Accommodation & Food Services
  13. Administrative, Support, Waste Management & Remediation Services
  14. Agriculture, Forestry Fishing & Hunting
  15. Construction
  16. Information
  17. Mining
  18. Real Estate Rental & Leasing
  19. Retail Trade
  20. Wholesale Trade

Armis Vulnerability Intelligence Database