An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

Related CVEs

CVE-2021-20203

Key Information

GHSA ID

GHSA-8gqc-j7wm-6g58

Published

May 24, 2022 5:43 PM

Last Modified

June 2, 2022 12:00 AM

CVSS Score

2.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 15, 2025 6:24 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.