Vulnerability Description
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qemu | Qemu | 6.1.50 |
| Fedoraproject | Extra Packages For Enterprise Linux | 7.0 |
| Fedoraproject | Fedora | 33 |
| Redhat | Openstack Platform | 10.0 |
| Redhat | Enterprise Linux | 5.0 |
Related Weaknesses (CWE)
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1908004 (Exploit, Issue Tracking, Third Party Advisory)
- https://gitlab.com/qemu-project/qemu/-/issues/646 (Exploit, Issue Tracking, Patch)
- https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
FAQ
What is CVE-2020-14394?
CVE-2020-14394 is a vulnerability with a CVSS score of 3.2 (LOW). An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the Q...
How severe is CVE-2020-14394?
CVE-2020-14394 has been rated LOW with a CVSS base score of 3.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-14394?
Check the references section above for vendor advisories and patch information. Affected products include: Qemu Qemu, Fedoraproject Extra Packages For Enterprise Linux, Fedoraproject Fedora, Redhat Openstack Platform, Redhat Enterprise Linux.