CVE-2020-25723

Summary

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.

Affected Software

VendorProductVersion RangeStatus
n/aQEMUqemu 5.2.0affected

Weaknesses

  • CWE-617: CWE-617

ADP Enrichment

CVE Program Container

Additional References

References