CVE-2020-25723Reachable Assertion in Qemu

CWE-617Reachable Assertion8 documents7 sources
Severity
3.2LOWNVD
OSV6.3
EPSS
0.0%
top 89.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
QemuDebian QemuDebian Linux+1 more
Timeline
PublishedDec 2
Latest updateMay 24

Description

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:LExploitability: 1.5 | Impact: 1.4

Affected Packages6 packages

debiandebian/qemu< qemu 1:5.2+dfsg-1 (bookworm)
Debianqemu/qemu< 1:5.2+dfsg-1+3
Ubuntuqemu/qemu< 1:2.5+dfsg-5ubuntu10.48+2
NVDqemu/qemu5.1.1
CVEListV5qemu/qemuqemu 5.2.0

Also affects: Debian Linux 10.0

Patches

Patch: www.openwall.comPatch: bugzilla.redhat.comPatch: www.openwall.com

🔴Vulnerability Details

3
GHSA
GHSA-4mvg-7php-mg7f: A reachable assertion issue was found in the USB EHCI emulation code of QEMU2022-05-24
OSV
CVE-2020-25723: A reachable assertion issue was found in the USB EHCI emulation code of QEMU2020-12-02
OSV
qemu vulnerabilities2020-11-30

📋Vendor Advisories

4
Microsoft
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged use2020-12-08
Ubuntu
QEMU vulnerabilities2020-11-30
Red Hat
QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c2020-08-12
Debian
CVE-2020-25723: qemu - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It...2020