CVE-2020-25723

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-25723

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-25723.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-25723

Downstream

DEBIAN-CVE-2020-25723

DLA-2469-1

DLA-3099-1

RHBA-2021:0639

RHSA-2021:0648

RHSA-2021:0771

RHSA-2021:1762

SUSE-SU-2020:14557-1

SUSE-SU-2021:1240-1

SUSE-SU-2021:1241-1

SUSE-SU-2021:1242-1

SUSE-SU-2021:1243-1

SUSE-SU-2021:1244-1

SUSE-SU-2021:1245-1

SUSE-SU-2021:1305-1

SUSE-SU-2021:14704-1

SUSE-SU-2021:14706-1

SUSE-SU-2021:1829-1

SUSE-SU-2021:1837-1

SUSE-SU-2021:1893-1

SUSE-SU-2021:1894-1

SUSE-SU-2021:1895-1

SUSE-SU-2021:1918-1

SUSE-SU-2021:1942-1

SUSE-SU-2021:1947-1

UBUNTU-CVE-2020-25723

USN-4650-1

openSUSE-SU-2021:0600-1

openSUSE-SU-2021:1043-1

openSUSE-SU-2021:1942-1

openSUSE-SU-2024:11287-1

Related

Published

2020-12-02T01:15:12Z

Modified

2025-08-09T19:01:29Z

Severity

3.2 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L CVSS Calculator

Summary

[none]

Details

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.

References

Affected packages