Lucene search
F5F5:K09081535HistoryDec 15, 2020 - 12:00 a.m.
K09081535 : QEMU vulnerability CVE-2020-14364
2020-12-1500:00:00
my.f5.com
21
Security Advisory Description
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice ‘setup_len’ exceeds its ‘data_buf[4096]’ in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host. (CVE-2020-14364)
Impact
A local attacker may be able to cause a denial of service (DoS) or execute arbitrary code on the host. This issue affects all BIG-IP platforms that support Virtual Clustered Multiprocessing (vCMP).
Related
nessus
nessus
CentOS 6 : qemu-kvm (CESA-2020:4056)
2020-11-09 00:00:00
RHEL 7 : qemu-kvm-rhev (RHSA-2020:4111)
2023-01-23 00:00:00
RHEL 7 : qemu-kvm (RHSA-2020:4050)
2020-11-18 00:00:00
redhat
redhat
(RHSA-2020:4058) Important: virt:rhel security update
2020-09-29 08:09:17
(RHSA-2020:4291) Important: virt:8.2 and virt-devel:8.2 security and bug fix update
2020-10-20 09:06:26
(RHSA-2020:4111) Important: qemu-kvm-rhev security update
2020-09-30 09:05:00
alpinelinux
alpinelinux
CVE-2020-14364
2020-08-31 18:15:12
cve
cve
CVE-2020-14364
2020-08-31 18:15:12
prion
prion
Cross site scripting
2020-08-31 18:15:00
gentoo
gentoo
Xen: Buffer overflow
2020-09-29 00:00:00
QEMU: Multiple vulnerabilities
2020-11-11 00:00:00
openvas
openvas
Fedora: Security Advisory for xen (FEDORA-2020-eeb29955ed)
2020-09-16 00:00:00
Fedora: Security Advisory for xen (FEDORA-2020-3689b67b53)
2020-09-11 00:00:00
Ubuntu: Security Advisory (USN-4511-1)
2020-09-18 00:00:00
centos
centos
qemu security update
2020-11-09 13:15:26
qemu security update
2020-11-06 22:05:12
fedora
fedora
[SECURITY] Fedora 32 Update: xen-4.13.1-5.fc32
2020-09-15 16:17:33
[SECURITY] Fedora 31 Update: xen-4.12.3-4.fc31
2020-09-10 17:34:33
osv
osv
qemu vulnerability
2020-09-17 11:10:51
CVE-2020-14364
2020-08-31 18:15:12
Important: virt:rhel security update
2020-09-29 08:09:34
xen
xen
QEMU: usb: out-of-bounds r/w access issue
2020-08-24 12:00:00
redhatcve
redhatcve
CVE-2020-14364
2020-08-24 13:04:32
huawei
huawei
veracode
veracode
Arbitrary Code Execution
2020-09-11 21:53:46
cbl_mariner
cbl_mariner
CVE-2020-14364 affecting package qemu-kvm 4.2.0-48
2020-11-30 19:31:04
nvd
nvd
CVE-2020-14364
2020-08-31 18:15:12
ubuntucve
ubuntucve
CVE-2020-14364
2020-08-24 00:00:00
ibm
ibm
cvelist
cvelist
CVE-2020-14364
2020-08-31 17:11:52
debiancve
debiancve
CVE-2020-14364
2020-08-31 18:15:12
oraclelinux
oraclelinux
qemu-kvm security update
2020-09-30 00:00:00
virt:ol security update
2020-10-01 00:00:00
qemu-kvm security update
2020-10-08 00:00:00
ubuntu
ubuntu
QEMU vulnerability
2020-09-17 00:00:00
QEMU vulnerabilities
2021-02-02 00:00:00
almalinux
almalinux
Important: virt:rhel security update
2020-09-29 08:09:34
rocky
rocky
virt:rhel security update
2020-09-29 08:09:34
amazon
amazon
Important: qemu
2020-11-09 21:04:00
Important: qemu-kvm
2020-11-14 01:23:00
citrix
citrix
Citrix Hypervisor Security Update
2020-08-24 04:00:00
debian
debian
[SECURITY] [DSA 4760-1] qemu security update
2020-09-06 18:00:48
[SECURITY] [DLA 2373-1] qemu security update
2020-09-13 18:47:47
suse
suse
Security update for qemu (important)
2020-10-13 00:00:00
Security update for qemu (important)
2021-07-11 00:00:00
Security update for qemu (moderate)
2021-07-14 00:00:00
archlinux
archlinux
[ASA-202012-26] qemu: multiple issues
2020-12-16 00:00:00