Debian 10 Buster DLA-3362-1 Moderate: QEMU Denial Of Service Flaws
debian lts
March 14, 2023
Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, information leak, or potentially the execution of arbitrary co...
Summary
CVE-2020-14394
An infinite loop flaw was found in the USB xHCI controller
emulation of QEMU while computing the length of the Transfer
Request Block (TRB) Ring. This flaw allows a privileged guest user
to hang the QEMU process on the host, resulting in a denial of
service.
CVE-2020-17380/CVE-2021-3409
A heap-based buffer overflow was found in QEMU in the SDHCI device
emulation support. It could occur while doing a multi block SDMA
transfer via the sdhci_sdma_transfer_multi_blocks() routine in
hw/sd/sdhci.c. A guest user or process could use this flaw to
crash the QEMU process on the host, resulting in a denial of
service condition, or potentially execute arbitrary code with
privileges of the QEMU process on the host.
CVE-2020-29130
slirp.c has a buffer over-read because it tries to read a certain
amount of header data even if that exceeds the total packet
length.
CVE-2021-3592
An invalid pointer initialization issue was found in the SLiRP
PREVIOUS
NEXT
Package: qemu
Version: 1:3.1+dfsg-8+deb10u10
CVE ID: CVE-2020-14394 CVE-2020-29130 CVE-2021-3592 CVE-2021-3593
Debian Bug: 970937 979677 986795 989993 989994 989995 989996 1014589 1014590
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!