How severe is CVE-2020-25723?

CVE-2020-25723 has a CVSS v3 score of 3.2 (LOW).

CVE-2020-25723

Name: debian_linux
Author: debian

3.2LOW

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged use

Опубликовано: 12/2/2020Обновлено: 11/21/2024

Описание

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.

ИИ-АнализНа базе ИИ

Затронутые продукты

qemuqemu

debiandebian_linux

10.0

Ссылки

http://www.openwall.com/lists/oss-security/2020/12/22/1
Mailing ListPatchThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1898579
Issue TrackingPatchThird Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html
Mailing ListThird Party Advisory
https://security.netapp.com/advisory/ntap-20201218-0004/
Third Party Advisory
http://www.openwall.com/lists/oss-security/2020/12/22/1
Mailing ListPatchThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1898579
Issue TrackingPatchThird Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html
Mailing ListThird Party Advisory
https://security.netapp.com/advisory/ntap-20201218-0004/
Third Party Advisory