CVE-2020-25624

CVE-2020-25624

EPSS 0.6%

hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05492.html https://security.netapp.com/advisory/ntap-20201210-0005/