← back
CVE-2021-3700

CVE-2021-3700

EPSS 0.3%CWE-416
A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c. This issue occurs when serializing large amounts of buffered write data in the case of a slow or blocked destination.
Affected products
n/a · usbredir

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.redhat.com/show_bug.cgi?id=1992830https://gitlab.freedesktop.org/spice/usbredir/-/commit/03c519ff5831bahttps://lists.debian.org/debian-lts-announce/2022/03/msg00030.html