Back to search
CVE-2020-14364
Published: Aug 31, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.
| Vendor | Product | Versions |
|---|---|---|
n/a | QEMU | affected QEMU versions before 5.2.0 |
Weaknesses (CWE)
References
https://bugzilla.redhat.com/show_bug.cgi?id=1869201
x_refsource_MISC
https://www.openwall.com/lists/oss-security/2020/08/24/3
x_refsource_MISC
https://www.openwall.com/lists/oss-security/2020/08/24/2
x_refsource_MISC
DSA-4760
vendor-advisory
x_refsource_DEBIAN
FEDORA-2020-3689b67b53
vendor-advisory
x_refsource_FEDORA
[debian-lts-announce] 20200913 [SECURITY] [DLA 2373-1] qemu security update
mailing-list
x_refsource_MLIST
FEDORA-2020-eeb29955ed
vendor-advisory
x_refsource_FEDORA
USN-4511-1
vendor-advisory
x_refsource_UBUNTU
https://security.netapp.com/advisory/ntap-20200924-0006/
x_refsource_CONFIRM
GLSA-202009-14
vendor-advisory
x_refsource_GENTOO
openSUSE-SU-2020:1664
vendor-advisory
x_refsource_SUSE
GLSA-202011-09
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now