CVE-2021-3700

A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c. This issue occurs when serializing large amounts of buffered write data in the case of a slow or blocked destination.

Date published : 2022-02-24

https://bugzilla.redhat.com/show_bug.cgi?id=1992830

https://gitlab.freedesktop.org/spice/usbredir/-/commit/03c519ff5831ba