Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-25743

Опубликовано: 24 июн. 2020
Источник: redhat
CVSS3: 3.2

Описание

hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.

A NULL pointer dereference flaw was found in the IDE disk emulator of QEMU. This issue occurs while canceling an I/O operation via the ide_cancel_dma_sync() routine if a block drive pointer is null. This flaw allows a guest user to crash the QEMU process on the host, resulting in a denial of service.

Отчет

In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP qemu-kvm-rhev package.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmNot affected
Red Hat Enterprise Linux 5xenNot affected
Red Hat Enterprise Linux 6qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvm-maNot affected
Red Hat Enterprise Linux 7qemu-kvm-rhevFix deferred
Red Hat Enterprise Linux 8qemu-kvmFix deferred
Red Hat Enterprise Linux 8 Advanced Virtualizationqemu-kvmFix deferred
Red Hat Enterprise Linux 9qemu-kvmAffected
Red Hat OpenStack Platform 10 (Newton)qemu-kvm-rhevWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1881409QEMU: ide: null pointer dereference while cancelling i/o operation

3.2 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-25743

CVSS3: 3.2
ubuntu
больше 5 лет назад

hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.

nvd логотип

CVE-2020-25743

CVSS3: 3.2
nvd
больше 5 лет назад

hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.

msrc логотип

CVE-2020-25743

CVSS3: 3.2
msrc
больше 5 лет назад

hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.

debian логотип

CVE-2020-25743

CVSS3: 3.2
debian
больше 5 лет назад

hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereferen ...

github логотип

GHSA-qgc2-rv3v-hg6j

github
больше 3 лет назад

hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.

3.2 Low

CVSS3