CVE-2020-27661: Divide By Zero in Qemu

CWE-369: Divide By Zero (8 documents, 7 sources)
Severity
6.5 MEDIUM (NVD)
EPSS
0.1%
top 67.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Jun 2
Latest update: May 24

Description

A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Exploitability: 2.0 | Impact: 4.0

Affected Packages (4 packages)

debian: debian/qemu < qemu 1:5.2+dfsg-1 (bookworm)
Debian: qemu/qemu < 1:5.2+dfsg-1+3
NVD: qemu/qemu 5.1.1

Patches

🔴 Vulnerability Details (2)

GHSA
GHSA-pwg2-p5wp-g395: A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2 (2022-05-24)
OSV
CVE-2020-27661: A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2 (2021-06-02)

📋 Vendor Advisories (3)

Microsoft
A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on th (2021-06-08)
Red Hat
QEMU: divide by zero in dwc2_handle_packet() in hw/usb/hcd-dwc2.c (2020-10-12)
Debian
CVE-2020-27661: qemu - A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in t... (2020)

💬 Community (2)

Bugzilla
CVE-2020-27661 qemu: divide by zero in dwc2_handle_packet() in hw/usb/hcd-dwc2.c [fedora-all] (2020-10-22)
Bugzilla
CVE-2020-27661 QEMU: divide by zero in dwc2_handle_packet() in hw/usb/hcd-dwc2.c (2020-10-22)