logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2020-14394

Description

An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.


Affected Package


OS OS Version Package Name Package Version
Debian 12 qemu 1:7.1+dfsg-2
Debian 11 qemu 1:5.2+dfsg-11+deb11u2
Debian 10 qemu 1:3.1+dfsg-8+deb10u8
Debian 999 qemu 1:7.1+dfsg-2

Related