A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1890653 | Issue Tracking Patch Third Party Advisory |
https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=bea2a9e3e00b275dc40cfa09c760c715b8753e03 | |
https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg04263.html | Mailing List Patch Third Party Advisory |
https://security.netapp.com/advisory/ntap-20210720-0010/ | Third Party Advisory |
https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1770368.html |
Configurations
History
07 Nov 2023, 03:20
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
13 May 2022, 17:28
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Jun 2021, 15:23
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:* | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1890653 - Issue Tracking, Patch, Third Party Advisory | |
References | (MISC) https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1770368.html - Patch, Third Party Advisory |
11 Jun 2021, 14:45
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-369 | |
CPE | cpe:2.3:a:qemu:qemu:-:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 2.1
v3 : 6.5 |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1890653 - Issue Tracking, Third Party Advisory | |
References | (MISC) https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1770368.html - Third Party Advisory | |
References | (MISC) https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg04263.html - Mailing List, Patch, Third Party Advisory | |
References | (MISC) https://git.qemu.org/?p=qemu.git;a=commit;h=bea2a9e3e00b275dc40cfa09c760c715b8753e03 - Patch, Vendor Advisory |
02 Jun 2021, 16:28
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-06-02 16:15
Updated : 2023-12-10 13:55
NVD link : CVE-2020-27661
Mitre link : CVE-2020-27661
CVE.ORG link : CVE-2020-27661
JSON object : View
Products Affected
qemu
- qemu
CWE
CWE-369
Divide By Zero