CVE-2020-14394

CWE-8359 documents7 sources

Severity

3.2LOW

EPSS

0.0%

top 92.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Fedoraproject Extra Packages FOR Enterprise Linux Fedoraproject Fedora Qemu Qemu +2 more

Timeline

PublishedAug 17

Latest updateJun 6

Description

An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:LExploitability: 1.5 | Impact: 1.4

Affected Packages6 packages

▶Debianqemu< 1:5.2+dfsg-11+deb11u3+3

▶Ubuntuqemu< 1:4.2-3ubuntu6.28+1

▶CVEListV5qemuQEMU 6.1.50

▶NVDqemu/qemu6.1.50

▶NVDredhat/openstack_platform10.0, 13.0+1

Also affects: Fedora 33, 37, Enterprise Linux 5.0, 6.0, 7.0, 8.0, 9.0

Patches

Patch: gitlab.com ↗Patch: gitlab.com ↗

🔴Vulnerability Details

OSV

qemu regression↗2024-06-06

▶

OSV

qemu vulnerabilities↗2024-01-08

▶

GHSA

GHSA-9gg5-9c3q-7g76: An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring↗2022-08-18

▶

CVEList

CVE-2020-14394: An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring↗2022-08-17

▶

OSV

CVE-2020-14394: An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring↗2022-08-17

▶

📋Vendor Advisories

Ubuntu

QEMU vulnerabilities↗2024-01-08

▶

Red Hat

QEMU: infinite loop in xhci_ring_chain_length() in hw/usb/hcd-xhci.c↗2020-12-15

▶

Debian

CVE-2020-14394: qemu - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU whi...↗2020

▶