CVE-2020-25723

NameCVE-2020-25723
DescriptionA reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-2469-1, DLA-3099-1
Debian Bugs975276

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
qemu (PTS)bullseye1:5.2+dfsg-11+deb11u3fixed
bullseye (security)1:5.2+dfsg-11+deb11u2fixed
bookworm1:7.2+dfsg-7+deb12u7fixed
sid, trixie1:9.1.1+ds-5fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
qemusourcestretch1:2.8+dfsg-6+deb9u12DLA-2469-1
qemusourcebuster1:3.1+dfsg-8+deb10u9DLA-3099-1
qemusource(unstable)1:5.2+dfsg-1975276

Notes

https://git.qemu.org/?p=qemu.git;a=commit;h=2fdb42d840400d58f2e706ecca82c142b97bcbd6 (v5.2.0-rc0)
Search for package or bug name: Reporting problems