Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2020-25084

Published: August 31, 2023Last modified: August 31, 2023

Description

QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.

Severity score breakdown

ParameterValue
Base score3.2
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredHIGH
User interactionNONE
ScopeCHANGED
ConfidentialityNONE
Integrity impactNONE
Availability impactLOW
VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSqemuNot affected (7.1.0-r4)
StreamqemuNot affected (8.0.4-r0)

References

ON THIS PAGE