CVE-2020-25723
3.2LOWA reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged use
Published: 12/2/2020Updated: 11/21/2024
Description
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.
AI AnalysisPowered by AI
Affected Products
qemuqemu
debiandebian_linux
10.0
References
- http://www.openwall.com/lists/oss-security/2020/12/22/1Mailing ListPatchThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1898579Issue TrackingPatchThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2022/09/msg00008.htmlMailing ListThird Party Advisory
- https://security.netapp.com/advisory/ntap-20201218-0004/Third Party Advisory
- http://www.openwall.com/lists/oss-security/2020/12/22/1Mailing ListPatchThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1898579Issue TrackingPatchThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2022/09/msg00008.htmlMailing ListThird Party Advisory
- https://security.netapp.com/advisory/ntap-20201218-0004/Third Party Advisory