CVE-2020-10702

Advisory lineage Upstream: 0 Downstream: 5

Downstream

DEBIAN-CVE-2020-10702 OPENSUSE-SU-2024:11287-1 RHBA-2020:3172 UBUNTU-CVE-2020-10702 USN-4372-1

Modified

Published: 04 Jun 2020, 17:31

Last modified:04 Aug 2024, 11:06

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

v3.1 (cve.org)

EPSS Score

0.04% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

04 Jun 2020, 17:31

Published

Vulnerability first disclosed

04 Aug 2024, 11:06

Last Modified

Vulnerability information updated

Description

A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation process caused every PAuth-enforced pointer to be signed with the same signature. A local attacker could obtain the signature of a protected pointer and abuse this flaw to bypass PAuth protection for all programs running on QEMU.

CVSS Metrics

v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
v2.0•LOW•Score: 2.1AV:L/AC:L/Au:N/C:P/I:N/A:N

EPSS Trends

Current EPSS score: 0.04%• Percentile: 11%

Techniques & Countermeasures

CWE-325•Missing Cryptographic Step
The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.

Affected Systems

qemu•qemu
≥ 4.0.0, < 5.0.0
the qemu project•qemu
≥ 4.0.0, < 5.0.0