CVE-2020-25723 - log back

CVE-2020-25723 edited at 09 Dec 2020 10:33:31
Description
- A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.
+ A reachable assertion issue was found in the USB EHCI emulation code of QEMU before version 5.2.0. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.
CVE-2020-25723 edited at 02 Dec 2020 11:33:10
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.
References
+ https://git.qemu.org/?p=qemu.git;a=commit;h=2fdb42d840400d58f2e706ecca82c142b97bcbd6
CVE-2020-25723 created at 02 Dec 2020 11:30:09
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes