Описание
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:2.11+dfsg-1ubuntu7.32 |
| devel | released | 1:5.0-5ubuntu9 |
| esm-infra-legacy/trusty | released | 2.0.0+dfsg-2ubuntu1.47+esm1 |
| esm-infra/bionic | released | 1:2.11+dfsg-1ubuntu7.32 |
| esm-infra/focal | released | 1:4.2-3ubuntu6.6 |
| esm-infra/xenial | released | 1:2.5+dfsg-5ubuntu10.46 |
| focal | released | 1:4.2-3ubuntu6.6 |
| groovy | released | 1:5.0-5ubuntu9 |
| hirsute | released | 1:5.0-5ubuntu9 |
| precise/esm | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE | |
| precise/esm | ignored | end of life, was needed |
| trusty | DNE | |
| trusty/esm | DNE |
Показывать по
4.4 Medium
CVSS2
5 Medium
CVSS3
Связанные уязвимости
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.
An out-of-bounds read/write access flaw was found in the USB emulator ...
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.
4.4 Medium
CVSS2
5 Medium
CVSS3