Vulnerability Details : CVE-2020-16092
In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c.
Vulnerability category: Denial of service
Products affected by CVE-2020-16092
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
- cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-16092
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 14 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-16092
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:N/A:P |
3.9
|
2.9
|
NIST | |
3.8
|
LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L |
2.0
|
1.4
|
NIST |
CWE ids for CVE-2020-16092
-
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-16092
-
https://www.debian.org/security/2020/dsa-4760
Debian -- Security Information -- DSA-4760-1 qemuThird Party Advisory
-
https://lists.nongnu.org/archive/html/qemu-devel/2020-07/msg07563.html
[PATCH 0/2] assertion failure in net_tx_pkt_add_raw_fragment() in hw/netMailing List;Patch;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2020/08/10/1
oss-security - CVE-2020-16092 QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.cMailing List;Patch;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00024.html
[security-announce] openSUSE-SU-2020:1664-1: important: Security updateMailing List;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20200821-0006/
CVE-2020-16092 QEMU Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://lists.debian.org/debian-lts-announce/2020/09/msg00013.html
[SECURITY] [DLA 2373-1] qemu security updateMailing List;Third Party Advisory
-
https://security.gentoo.org/glsa/202208-27
QEMU: Multiple Vulnerabilities (GLSA 202208-27) — Gentoo securityThird Party Advisory
-
https://usn.ubuntu.com/4467-1/
USN-4467-1: QEMU vulnerabilities | Ubuntu security notices | UbuntuThird Party Advisory
Jump to