CVE-2020-10702

Published: Jun 4, 2020

Modified: Aug 4, 2024

PUBLISHED

CVSS v3.1

5.5

MEDIUM

Description

A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation process caused every PAuth-enforced pointer to be signed with the same signature. A local attacker could obtain the signature of a protected pointer and abuse this flaw to bypass PAuth protection for all programs running on QEMU.

Vendor	Product	Versions
The QEMU Project	qemu	affected `>= 4.0.0, < 5.0.0`

Weaknesses (CWE)

CWE-325

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10702

x_refsource_CONFIRM

https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=de0b1bae6461f67243282555475f88b2384a1eb9

x_refsource_CONFIRM

https://security.netapp.com/advisory/ntap-20200724-0007/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-10702

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References