ALT-PU-2020-3075-1
Closed vulnerabilities
Published: 2020-08-24
BDU:2021-00072
Уязвимость множества функцийи из hw/usb/core.c эмулятора аппаратного обеспечения QEMU, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Severity: MEDIUM (4.9)
Vector: AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
References:
Published: 2020-08-31
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2020-14364
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.
Severity: MEDIUM (5.0)
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
References:
- openSUSE-SU-2020:1664
- openSUSE-SU-2020:1664
- https://bugzilla.redhat.com/show_bug.cgi?id=1869201
- https://bugzilla.redhat.com/show_bug.cgi?id=1869201
- [debian-lts-announce] 20200913 [SECURITY] [DLA 2373-1] qemu security update
- [debian-lts-announce] 20200913 [SECURITY] [DLA 2373-1] qemu security update
- FEDORA-2020-3689b67b53
- FEDORA-2020-3689b67b53
- FEDORA-2020-eeb29955ed
- FEDORA-2020-eeb29955ed
- GLSA-202009-14
- GLSA-202009-14
- GLSA-202011-09
- GLSA-202011-09
- https://security.netapp.com/advisory/ntap-20200924-0006/
- https://security.netapp.com/advisory/ntap-20200924-0006/
- USN-4511-1
- USN-4511-1
- DSA-4760
- DSA-4760
- https://www.openwall.com/lists/oss-security/2020/08/24/2
- https://www.openwall.com/lists/oss-security/2020/08/24/2
- https://www.openwall.com/lists/oss-security/2020/08/24/3
- https://www.openwall.com/lists/oss-security/2020/08/24/3