|Title:||QEMU 4.x < 5.0.0 Authentication Bypass Vulnerability|
|Summary:||QEMU is prone to an authentication bypass vulnerability.|
QEMU is prone to an authentication bypass vulnerability.
A general failure of the signature generation process causes every
PAuth-enforced pointer to be signed with the same signature. A local attacker could
obtain the signature of a protected pointer and abuse this flaw to bypass PAuth protection for all programs running on QEMU.
QEMU versions 4.0.0 through version 4.2.
Update to version 5.0.0 or later.
Common Vulnerability Exposure (CVE) ID: CVE-2020-10702|
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.