Published: 06/10/2020 Updated: 07/10/2020

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 3.2 | Impact Score: 1.4 | Exploitability Score: 1.5

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

hw/ide/pci.c in QEMU prior to 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu
redhat openstack platform 13.0
redhat enterprise linux 7.0
redhat enterprise linux 8.0

Debian Bug report logs - #970940 qemu: CVE-2020-25743 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 25 Sep 2020 20:39:01 UTC Severity: important Tags: security, upstream Found in version qemu/1 ...

CWE-476 https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Fide_nullptr1b https://bugzilla.redhat.com/show_bug.cgi?id=1881409 http://www.openwall.com/lists/oss-security/2020/09/29/1 https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05967.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970940 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-25743

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect