Lucene search

K
f5F5F5:K41301038
HistoryDec 15, 2020 - 12:00 a.m.

K41301038 : QEMU vulnerability CVE-2020-25084

2020-12-1500:00:00
my.f5.com
15

5.8 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.4%

Security Advisory Description

QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked. (CVE-2020-25084)

Impact

A local attacker may cause a denial-of-service (DoS) or execute arbitrary code on platforms that support Virtual Clustered Multiprocessing (vCMP). This issue only affects BIG-IP platforms that support vCMP.