QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked. (CVE-2020-25084)
Impact
A local attacker may cause a denial-of-service (DoS) or execute arbitrary code on platforms that support Virtual Clustered Multiprocessing (vCMP). This issue only affects BIG-IP platforms that support vCMP.