Alpine: multiple qemu packages: security update to 6.0.0-r1

high Tenable Cloud Security Plugin ID 427650

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI
I/O requests in the case of an error mptsas_free_request() that does not dequeue the request object 'req'
from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU process on the
host, resulting in a denial of service. Versions between 2.10.0 and 5.2.0 are potentially affected.
(CVE-2021-3392)

- The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to
the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This
flaw allows a malicious privileged guest to crash the QEMU process on the host, resulting in a denial of
service or potential code execution. QEMU up to (including) 5.2.0 is affected by this. (CVE-2021-3409)

- A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions
up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get
bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the
host resulting in DoS scenario. (CVE-2021-3416)

- A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This
flaw allows a malicious 9p client to cause a use-after-free error, potentially escalating their privileges
on the system. The highest threat from this vulnerability is to confidentiality, integrity as well as
system availability. (CVE-2021-20181)

- A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator
of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw
allows a guest user or process to consume CPU cycles or crash the QEMU process on the host, resulting in a
denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-20255)

See Also

https://security.alpinelinux.org/vuln/CVE-2021-20181

https://security.alpinelinux.org/vuln/CVE-2021-20255

https://security.alpinelinux.org/vuln/CVE-2021-3392

https://security.alpinelinux.org/vuln/CVE-2021-3409

https://security.alpinelinux.org/vuln/CVE-2021-3416

Plugin Details

Severity: High

ID: 427650

Version: Revision 1.3

Type: Local

Published: 5/16/2025

Updated: 1/21/2026

Supported Sensors: Agentless Assessment

Risk Information

VPR

Risk Factor: Medium

Score: 5

Percentile: 95.11

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Temporal Score: 5.4

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2021-20181

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 12/3/2020

Reference Information

CVE: CVE-2021-20181, CVE-2021-20255, CVE-2021-3392, CVE-2021-3409, CVE-2021-3416

IAVB: 2020-B-0075-S