Lucene search
Veracode Vulnerability DatabaseVERACODE:28535HistoryDec 10, 2020 - 7:31 a.m.
Denial Of Service (DoS)
2020-12-1007:31:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
0.0004 Low
EPSS
Percentile
14.3%
A divide-by-zero flaw was found in QEMU in the dwc-hsotg (dwc2) USB host controller emulation. More specifically, HCCHAR_MPS was read from a device register and later used as a divisor without performing a sanity check. This flaw allows a malicious or buggy guest to crash the QEMU process on the host, resulting in a denial of service.
References
bugzilla.redhat.com/show_bug.cgi?id=1890653
git.qemu.org/?p=qemu.git;a=commit;h=bea2a9e3e00b275dc40cfa09c760c715b8753e03
lists.nongnu.org/archive/html/qemu-devel/2020-10/msg04263.html
security-tracker.debian.org/tracker/CVE-2020-27661
security.netapp.com/advisory/ntap-20210720-0010/
www.mail-archive.com/[email protected]/msg1770368.html
Related
cvelist
cvelist
CVE-2020-27661
2021-06-02 15:25:19
alpinelinux
alpinelinux
CVE-2020-27661
2021-06-02 16:15:08
nvd
nvd
CVE-2020-27661
2021-06-02 16:15:08
ubuntucve
ubuntucve
CVE-2020-27661
2021-06-02 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-27661 affecting package qemu-kvm 4.2.0-48
2021-07-08 21:56:54
redhatcve
redhatcve
CVE-2020-27661
2020-10-22 17:05:16
cve
cve
CVE-2020-27661
2021-06-02 16:15:08
prion
prion
Input validation
2021-06-02 16:15:00
debiancve
debiancve
CVE-2020-27661
2021-06-02 16:15:08
nessus
nessus
Oracle Linux 7 : qemu (ELSA-2021-9335)
2021-06-28 00:00:00
Oracle Linux 8 : kvm_utils (ELSA-2021-9568)
2021-12-01 00:00:00
oraclelinux
oraclelinux
qemu security update
2021-06-28 00:00:00
virt:kvm_utils security update
2021-12-01 00:00:00