QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Use After Free
Memory Corruption
Information Disclosure
Qemu
Debian Linux
NVD
CVSS 3.1
3.2
EPSS
0.3%
Prev
Page 3 of 3