CVE-2020-14394
Publication date 17 August 2022
Last updated 24 July 2024
Ubuntu priority
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| qemu | 24.10 oracular |
Not affected
|
| 24.04 LTS noble |
Not affected
|
|
| 22.04 LTS jammy |
Fixed 1:6.2+dfsg-2ubuntu6.16
|
|
| 20.04 LTS focal |
Fixed 1:4.2-3ubuntu6.28
|
|
| 18.04 LTS bionic |
Vulnerable
|
|
| 16.04 LTS xenial |
Vulnerable
|
|
| 14.04 LTS trusty |
Vulnerable
|
|
| qemu-kvm | 24.10 oracular | Not in release |
| 24.04 LTS noble | Not in release | |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release |
Notes
mdeslaur
impact is limited, a privileged guest user can only use this issue to perform a denial of service to their own instance
Patch details
| Package | Patch details |
|---|---|
| qemu |
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
3.2 · Low
|
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | High |
| User interaction | None |
| Scope | Changed |
| Confidentiality | None |
| Integrity impact | None |
| Availability impact | Low |
| Vector | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L |
References
Related Ubuntu Security Notices (USN)
- USN-6567-1
- QEMU vulnerabilities
- 8 January 2024