Qemu · Qemu · CVE-2024-8354
Name of the Vulnerable Software and Affected Versions:
QEMU (affected versions not specified)
Description:
A flaw was found in QEMU, related to an assertion failure in the `usb ep get()` function in `hw/net/core.c` when trying to get the USB endpoint from a USB device. This issue may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.