Vulnerability in TCG Accelerator in QEMU 4.2.0 Allows Arbitrary Code Execution, Privilege Escalation, and DoS

Vulnerability in TCG Accelerator in QEMU 4.2.0 Allows Arbitrary Code Execution, Privilege Escalation, and DoS

CVE-2020-24165 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

An issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local attackers to execute arbitrary code, escalate privileges, and cause a denial of service (DoS). Note: This is disputed as a bug and not a valid security issue by multiple third parties.

Learn more about our Web Application Penetration Testing UK.