Описание
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.
A reachable assertion vulnerability was found in the USB EHCI emulation code of QEMU. This issue occurs while processing USB requests due to missed handling of DMA memory map failure. This flaw allows a malicious privileged user within the guest to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
Отчет
Releases of Red Hat OpenStack Platform versions 15 and newer consume fixes directly from the Red Hat Enterprise Linux 8 Advanced Virtualization repository.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Out of support scope | ||
| Red Hat Enterprise Linux 5 | xen | Out of support scope | ||
| Red Hat Enterprise Linux 6 | qemu-kvm | Out of support scope | ||
| Red Hat Enterprise Linux 7 | qemu-kvm | Out of support scope | ||
| Red Hat Enterprise Linux 7 | qemu-kvm-ma | Not affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm-rhev | Out of support scope | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:8.2/qemu-kvm | Affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | virt:8.3/qemu-kvm | Affected | ||
| Red Hat Enterprise Linux 9 | qemu-kvm | Affected | ||
| Red Hat OpenStack Platform 10 (Newton) | qemu-kvm-rhev | Out of support scope |
Показывать по
Дополнительная информация
Статус:
EPSS
3.2 Low
CVSS3
Связанные уязвимости
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.
A reachable assertion issue was found in the USB EHCI emulation code o ...
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.
EPSS
3.2 Low
CVSS3