CVE-2020-14415Divide By Zero in Qemu

CWE-369Divide By Zero11 documents10 sources
Severity
3.3LOWNVD
EPSS
0.1%
top 84.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
QemuCanonical Ubuntu Linux
Timeline
PublishedAug 27
Latest updateMay 24

Description

oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

NVDqemu/qemu< 5.0.0
Debianqemu/qemu< 1:5.0-1+3

Also affects: Ubuntu Linux 16.04, 18.04, 20.04

Patches

Patch: usn.ubuntu.comPatch: usn.ubuntu.com

🔴Vulnerability Details

3
GHSA
GHSA-p7mg-fqg9-jhg8: oss_write in audio/ossaudio2022-05-24
OSV
CVE-2020-14415: oss_write in audio/ossaudio2020-08-27
CVEList
CVE-2020-14415: oss_write in audio/ossaudio2020-08-27

💥Exploits & PoCs

1
Exploit-DB
Vehicle Parking Management System 1.0 - Authentication Bypass2020-10-15

📋Vendor Advisories

4
Ubuntu
QEMU vulnerabilities2020-08-19
Microsoft
oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.2020-08-11
Red Hat
QEMU: division by zero in oss_write() in audio/ossaudio.c2020-01-20
Debian
CVE-2020-14415: qemu - oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.2020

💬Community

2
Bugzilla
CVE-2020-14415 QEMU: division by zero in oss_write() in audio/ossaudio.c2020-06-17
Bugzilla
CVE-2020-14415 qemu: division by zero in oss_write() in audio/ossaudio.c [fedora-all]2020-06-17
CVE-2020-14415 — Divide By Zero in Qemu | cvebase