An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2020-08-31T17:11:52
Updated: 2020-11-11T05:06:21
Reserved: 2020-06-17T00:00:00
Link: CVE-2020-14364
JSON object: View
NVD Information
Status : Modified
Published: 2020-08-31T18:15:12.827
Modified: 2023-11-07T03:17:11.270
Link: CVE-2020-14364
JSON object: View
Redhat Information
No data.