A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 19 Sep 2024 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Thu, 19 Sep 2024 11:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition. | |
Title | Qemu-kvm: usb: assertion failure in usb_ep_get() | |
First Time appeared |
Redhat
Redhat advanced Virtualization Redhat enterprise Linux |
|
Weaknesses | CWE-617 | |
CPEs | cpe:/a:redhat:advanced_virtualization:8::el8 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat advanced Virtualization Redhat enterprise Linux |
|
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2024-09-19T10:45:06.191Z
Updated: 2024-09-19T13:38:51.859Z
Reserved: 2024-08-30T15:57:27.206Z
Link: CVE-2024-8354
Vulnrichment
Updated: 2024-09-19T13:38:48.802Z
NVD
Status : Received
Published: 2024-09-19T11:15:10.440
Modified: 2024-09-19T11:15:10.440
Link: CVE-2024-8354
Redhat