Lucene search

[email protected]CVE-2020-25741

HistoryOct 02, 2020 - 9:15 a.m.

CVE-2020-25741

2020-10-0209:15:00

CWE-476

[email protected]

web.nvd.nist.gov

qemu

cve-2020-25741

nvd

information security

null pointer dereference

3.2 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

4.1 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

14.4%

JSON

fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive.

CPENameOperatorVersion
qemu:qemuqemueq5.0.0

CPE	Name	Operator	Version
qemu:qemu	qemu	eq	5.0.0

References

www.openwall.com/lists/oss-security/2020/09/29/1

lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05295.html

ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Ffdc_nullptr1

security.netapp.com/advisory/ntap-20201009-0005/

3.2 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

4.1 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

14.4%

JSON

Related for CVE-2020-25741

prion1 alpinelinux1 debiancve1 veracode1 osv1 ubuntucve1 redhatcve1 f51