Redhat.comRH:CVE-2020-25085CVE-2020-25085
5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
24.1%
A flaw was found in QEMU. An out-of-bounds read/write access issue was found in the SDHCI Controller emulator of QEMU. It may occur while doing multi block SDMA, if transfer block size exceeds the ‘s->fifo_buffer[s->buf_maxsz]’ size which would leave the current element pointer ‘s->data_count’ pointing out of bounds. This would lead the subsequent DMA r/w operation to an OOB access issue where a guest user/process may use this flaw to crash the QEMU process resulting in DoS scenario. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Related
5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
4.4 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
24.1%