Lucene search

[email protected]NVD:CVE-2020-25743

HistoryOct 06, 2020 - 3:15 p.m.

CVE-2020-25743

2020-10-0615:15:15

CWE-476

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

3.2 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

0.0004 Low

EPSS

Percentile

15.5%

JSON

hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.

Affected configurations

NVD

Node

qemuqemuRange<5.1.1

Node

redhatopenstack_platformMatch13.0

redhatenterprise_linuxMatch7.0

redhatenterprise_linuxMatch8.0-

redhatenterprise_linuxMatch8.0advanced_virtualization

References

www.openwall.com/lists/oss-security/2020/09/29/1

bugzilla.redhat.com/show_bug.cgi?id=1881409

lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05967.html

ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Fide_nullptr1b

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

3.2 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

0.0004 Low

EPSS

Percentile

15.5%

JSON

Related for NVD:CVE-2020-25743

prion1 debiancve1 ubuntucve1 alpinelinux1 cvelist1 veracode1 cbl_mariner1 cve1 redhatcve1 f51 nessus12 openvas8