CVE-2020-25723 log

Source
Severity Medium
Remote No
Type Denial of service
Description
A reachable assertion issue was found in the USB EHCI emulation code of QEMU before version 5.2.0. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.
Group Package Affected Fixed Severity Status Ticket
AVG-1300 qemu 5.1.0-3 5.2.0-1 Medium Fixed FS#68356
Date Advisory Group Package Severity Type
16 Dec 2020 ASA-202012-26 AVG-1300 qemu Medium multiple issues
References
https://git.qemu.org/?p=qemu.git;a=commit;h=2fdb42d840400d58f2e706ecca82c142b97bcbd6