CVE-2020-25624 - log back

CVE-2020-25624 edited at 09 Dec 2020 10:32:56
Description
- A flaw was found in QEMU. An out-of-bounds read/write access issue was found in the USB OHCI controller emulator. The issue could occur while servicing transfer descriptors (TD), as OHCI controller derives variables 'start_addr', 'end_addr', and 'len' from values supplied by the host controller driver. The host controller driver may supply values such that using these variables leads to an out-of-bounds access issue leading to a guest user/process using this flaw to crash the QEMU process on the host resulting in a denial of service (DoS) scenario. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
+ A flaw was found in QEMU before version 5.2.0. An out-of-bounds read/write access issue was found in the USB OHCI controller emulator. The issue could occur while servicing transfer descriptors (TD), as OHCI controller derives variables 'start_addr', 'end_addr', and 'len' from values supplied by the host controller driver. The host controller driver may supply values such that using these variables leads to an out-of-bounds access issue leading to a guest user/process using this flaw to crash the QEMU process on the host resulting in a denial of service (DoS) scenario. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-25624 edited at 26 Nov 2020 09:40:22
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ A flaw was found in QEMU. An out-of-bounds read/write access issue was found in the USB OHCI controller emulator. The issue could occur while servicing transfer descriptors (TD), as OHCI controller derives variables 'start_addr', 'end_addr', and 'len' from values supplied by the host controller driver. The host controller driver may supply values such that using these variables leads to an out-of-bounds access issue leading to a guest user/process using this flaw to crash the QEMU process on the host resulting in a denial of service (DoS) scenario. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
References
+ https://git.qemu.org/?p=qemu.git;a=commitdiff;h=1328fe0c32d5474604105b8105310e944976b058
Notes
CVE-2020-25624 created at 26 Nov 2020 09:34:24