Main Vulnerability Database Vulnerabilities #VU73788

#VU73788 Infinite loop in QEMU - CVE-2020-14394

Published: March 17, 2023

Vulnerability identifier: #VU73788

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-14394

CWE-ID: CWE-835

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
QEMU

Software vendor:
QEMU

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. A privileged user on the guest OS can consume all available system resources and cause denial of service conditions of the QEMU process on the host.

Remediation

Install updates from vendor's website.

External links

https://bugzilla.redhat.com/show_bug.cgi?id=1908004
https://gitlab.com/qemu-project/qemu/-/issues/646
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O/
https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html

#VU73788 Infinite loop in QEMU - CVE-2020-14394

Description

Remediation

External links

Please verify you're human