Vulnerability CVE-2020-14364: Information

Description

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.

Severity: MEDIUM (5.0) Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-14364
Published: Aug. 31, 2020
Modified: Nov. 7, 2023
Error type identifier: CWE-125CWE-787

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
pve-qemusisyphus5.1.0-alt28.1.5-alt1ALT-PU-2020-3023-1259577Fixed
pve-qemup105.1.0-alt27.2.0-alt4ALT-PU-2020-3023-1259577Fixed
pve-qemup95.1.0-alt25.1.0-alt6ALT-PU-2020-3075-1259237Fixed
pve-qemuc10f15.1.0-alt27.2.0-alt3ALT-PU-2020-3023-1259577Fixed
pve-qemuc9f25.1.0-alt25.1.0-alt6ALT-PU-2021-1380-1266336Fixed
pve-qemup115.1.0-alt28.1.5-alt1ALT-PU-2020-3023-1259577Fixed
qemusisyphus5.2.0-alt18.2.4-alt1ALT-PU-2020-3527-1263463Fixed
qemusisyphus_e2k7.2.0-alt3.E2K.37.2.0-alt3.E2K.4ALT-PU-2024-1953-1-Fixed
qemup105.2.0-alt18.2.2-alt0.p10.1ALT-PU-2020-3527-1263463Fixed
qemup10_e2k7.2.0-alt3.E2K.07.2.0-alt3.E2K.3ALT-PU-2023-6766-1-Fixed
qemup94.2.1-alt25.2.0-alt6ALT-PU-2020-3381-1261884Fixed
qemuc10f15.2.0-alt18.2.2-alt0.p10.1ALT-PU-2020-3527-1263463Fixed
qemuc9f25.2.0-alt65.2.0-alt6.c9.1ALT-PU-2021-1964-1273330Fixed
qemup115.2.0-alt18.2.3-alt1ALT-PU-2020-3527-1263463Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://www.openwall.com/lists/oss-security/2020/08/24/2
  • Mailing List
  • Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1869201
  • Issue Tracking
  • Patch
  • Third Party Advisory
https://www.openwall.com/lists/oss-security/2020/08/24/3
  • Mailing List
  • Third Party Advisory
DSA-4760
  • Third Party Advisory
[debian-lts-announce] 20200913 [SECURITY] [DLA 2373-1] qemu security update
  • Mailing List
  • Third Party Advisory
USN-4511-1
  • Third Party Advisory
https://security.netapp.com/advisory/ntap-20200924-0006/
  • Third Party Advisory
GLSA-202009-14
  • Third Party Advisory
openSUSE-SU-2020:1664
  • Broken Link
  • Mailing List
  • Third Party Advisory
GLSA-202011-09
  • Third Party Advisory
FEDORA-2020-3689b67b53
    FEDORA-2020-eeb29955ed

        1. Configuration 1

          cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
          End excliding
          5.2.0

          Configuration 2

          cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
          cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*
          cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
          cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*

          Configuration 3

          cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
          cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

          Configuration 4

          cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
          cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

          Configuration 5

          cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

          Configuration 6

          cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
          cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
          cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
      Version: v24.5.3
      Back to top