Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-8354

Опубликовано: 19 сент. 2024
Источник: nvd
CVSS3: 5.5
EPSS Низкий

Описание

A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:qemu:qemu:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 10%
0.00049
Низкий

5.5 Medium

CVSS3

Дефекты

CWE-617

Связанные уязвимости

ubuntu логотип

CVE-2024-8354

CVSS3: 5.5
ubuntu
около 1 года назад

A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition.

redhat логотип

CVE-2024-8354

CVSS3: 5.5
redhat
около 1 года назад

A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition.

msrc логотип

CVE-2024-8354

msrc
3 месяца назад

Qemu-kvm: usb: assertion failure in usb_ep_get()

debian логотип

CVE-2024-8354

CVSS3: 5.5
debian
около 1 года назад

A flaw was found in QEMU. An assertion failure was present in the usb_ ...

github логотип

GHSA-xx3p-5m4j-rhw8

CVSS3: 4.7
github
около 1 года назад

A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition.

EPSS

Процентиль: 10%
0.00049
Низкий

5.5 Medium

CVSS3

Дефекты

CWE-617
Уязвимость CVE-2024-8354