Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2020-14364 - log back

CVE-2020-14364 edited at 26 Nov 2020 09:43:20

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Local

Type

-	Unknown
+	Arbitrary code execution

Description

+

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.

References

+	https://www.openwall.com/lists/oss-security/2020/08/24/2
+	https://www.openwall.com/lists/oss-security/2020/08/24/3
+	https://git.qemu.org/?p=qemu.git;a=commitdiff;h=b946434f2659a182afc17e155be6791ebfb302eb

Notes

CVE-2020-14364 created at 26 Nov 2020 09:34:24