CVE-2020-27661

Sažetak

A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.

Reference

https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg04263.html
https://bugzilla.redhat.com/show_bug.cgi?id=1890653
https://security.netapp.com/advisory/ntap-20210720-0010/
https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1770368.html
https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=bea2a9e3e00b275dc40cfa09c760c715b8753e03

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

07-11-2023 - 03:20

Objavljeno

02-06-2021 - 16:15