{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-10-06T14:18:07", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05294.html"}, {"tags": ["x_refsource_MISC"], "url": "https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Flsi_nullptr1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.openwall.com/lists/oss-security/2020/09/29/1"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883178"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-25742", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05294.html", "refsource": "MISC", "url": "https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05294.html"}, {"name": "https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Flsi_nullptr1", "refsource": "MISC", "url": "https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Flsi_nullptr1"}, {"name": "http://www.openwall.com/lists/oss-security/2020/09/29/1", "refsource": "CONFIRM", "url": "http://www.openwall.com/lists/oss-security/2020/09/29/1"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1883178", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883178"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T15:40:36.945Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05294.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Flsi_nullptr1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2020/09/29/1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883178"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-25742", "datePublished": "2020-10-06T14:18:07", "dateReserved": "2020-09-18T00:00:00", "dateUpdated": "2024-08-04T15:40:36.945Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "matchCriteriaId": "519474C9-183A-4DFE-8937-62DE15CDA6E3", "versionEndExcluding": "5.1.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer."}, {"lang": "es", "value": "La funci\u00f3n pci_change_irq_level en el archivo hw/pci/pci.c en QEMU versiones anteriores a 5.1.1, presenta una desreferencia de puntero NULL porque la funci\u00f3n pci_get_bus() podr\u00eda no devolver un puntero v\u00e1lido"}], "id": "CVE-2020-25742", "lastModified": "2024-11-21T05:18:38.020", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.2, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.5, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-10-06T15:15:15.007", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/09/29/1"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883178"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05294.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Flsi_nullptr1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/09/29/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883178"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05294.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Flsi_nullptr1"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Cornelius Aschermann (Ruhr-University Bochum), Sergej Schumilo (Ruhr-University Bochum), and Simon Wrner (Ruhr-University Bochum) for reporting this issue.", "bugzilla": {"description": "QEMU: scsi: lsi: null pointer dereference during memory move", "id": "1883178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883178"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.2", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-476", "details": ["pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.", "A NULL pointer dereference flaw was found in the LSI53C895A SCSI Host Bus Adapter emulator of QEMU. This flaw occurs while processing 'Memory Move' instructions to move data between DMA memory and I/O address space via lsi_memcpy(). This flaw allows a guest user or process to crash the QEMU process, resulting in a denial of service."], "name": "CVE-2020-25742", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kvm", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "xen", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "qemu-kvm", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "qemu-kvm", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "qemu-kvm-ma", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "qemu-kvm-rhev", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "qemu-kvm", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:advanced_virtualization:8::el8", "fix_state": "Not affected", "package_name": "qemu-kvm", "product_name": "Red Hat Enterprise Linux 8 Advanced Virtualization"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "qemu-kvm", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2020-06-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-25742\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-25742\nhttps://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Flsi_nullptr1\nhttps://www.manualslib.com/manual/1407578/Lsi-Lsi53c895a.html?page=254#manual\nhttps://www.openwall.com/lists/oss-security/2020/09/29/1"], "threat_severity": "Low"}