A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25723
Reference (s):
- https://security.netapp.com/advisory/ntap-20201218-0004/
- https://bugzilla.redhat.com/show_bug.cgi?id=1898579
- URL: https://bugzilla.redhat.com/show_bug.cgi?id=1898579
- MLIST:[oss-security] 20201222 CVE-2020-25723 QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c
- URL: http://www.openwall.com/lists/oss-security/2020/12/22/1