Lucene search
K

31 matches found

Microsoft CVE
Microsoft CVE
added 2020/09/04 7:0 a.m.5 views

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in do_token_out routines. This flaw allows a guest user to crash the QEMU process resulting in a denial of service or the potential execution of arbitrary code with the privileges of the QEMU process on the host.

...

5CVSS7AI score0.05447EPSS
Exploits1
OSV
OSV
added 2020/08/31 6:15 p.m.3 views

ALPINE-CVE-2020-14364

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash...

5CVSS7.4AI score0.05447EPSS
Exploits1References1
OSV
OSV
added 2020/08/24 12:0 p.m.2 views

UBUNTU-CVE-2020-14364

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash...

5CVSS7.1AI score0.05447EPSS
Exploits1References6
OSV
OSV
added 2014/11/04 9:55 p.m.6 views

DEBIAN-CVE-2013-4541

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

7.5CVSS6.9AI score0.03975EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/09/22 4:0 a.m.9 views

qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

7.5CVSS7.1AI score0.03975EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/07/24 3:38 p.m.10 views

qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

7.5CVSS7.1AI score0.03975EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/07/23 4:15 p.m.6 views

qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

7.5CVSS7.1AI score0.03975EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/06/10 8:14 p.m.5 views

qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

7.5CVSS7.1AI score0.03975EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/06/10 8:14 p.m.9 views

qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

7.5CVSS7.1AI score0.03975EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/06/09 2:35 p.m.5 views

qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

7.5CVSS7.1AI score0.03975EPSS
Exploits0References4
OSV
OSV
added 2014/02/20 12:0 a.m.6 views

UBUNTU-CVE-2013-4541

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

7.5CVSS7.2AI score0.03975EPSS
Exploits0References5
Rows per page
Query Builder