An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the page argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Qemu | Qemu | * | 6.2.0 (excluding) |
| Advanced Virtualization for RHEL 8.4.0.EUS | RedHat | virt:av-8040020211126213321.522a0ee4 | * |
| Advanced Virtualization for RHEL 8.4.0.EUS | RedHat | virt-devel:av-8040020211126213321.522a0ee4 | * |
| Advanced Virtualization for RHEL 8.5.0.Z | RedHat | virt:av-8050020211203164130.c5368500 | * |
| Advanced Virtualization for RHEL 8.5.0.Z | RedHat | virt-devel:av-8050020211203164130.c5368500 | * |
| Red Hat Enterprise Linux 8 | RedHat | virt-devel:rhel-8050020211203195115.c5368500 | * |
| Red Hat Enterprise Linux 8 | RedHat | virt:rhel-8050020211203195115.c5368500 | * |
| Qemu | Ubuntu | bionic | * |
| Qemu | Ubuntu | devel | * |
| Qemu | Ubuntu | esm-infra/xenial | * |
| Qemu | Ubuntu | focal | * |
| Qemu | Ubuntu | hirsute | * |
| Qemu | Ubuntu | impish | * |
| Qemu | Ubuntu | jammy | * |
| Qemu | Ubuntu | kinetic | * |
| Qemu | Ubuntu | trusty | * |
| Qemu | Ubuntu | trusty/esm | * |
| Qemu | Ubuntu | xenial | * |