Showing 1 - 25 of 26

CVE-2020-14364

Status Candidate

Overview

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.

Related Files

Ubuntu Security Notice USN-4467-2: Posted Feb 2, 2021; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4467-2 - USN-4467-1 fixed several vulnerabilities in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that the QEMU SD memory card implementation incorrectly handled certain memory operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. Various other issues were also addressed.; tags | advisory, denial of service, vulnerability; systems | linux, ubuntu; advisories | CVE-2020-13253, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, CVE-2020-13754, CVE-2020-14364; MD5 | 2d14a29a78878b0d667761d1bc1fdd9e; Download | Favorite | View

Gentoo Linux Security Advisory 202011-09: Posted Nov 11, 2020; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202011-9 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 5.1.0-r1 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2020-10717, CVE-2020-10761, CVE-2020-13253, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, CVE-2020-13754, CVE-2020-13791, CVE-2020-13800, CVE-2020-14364; MD5 | f222cb40a91121486af43b166261e3be; Download | Favorite | View

Red Hat Security Advisory 2020-4290-01: Posted Oct 20, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4290-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a use-after-free vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-14364, CVE-2020-1983; MD5 | 960dd358dbfac272d13833dcae92bb78; Download | Favorite | View

Red Hat Security Advisory 2020-4291-01: Posted Oct 20, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4291-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | 5b276d0f7b184fae79a9c8e8244ea5ea; Download | Favorite | View

Red Hat Security Advisory 2020-4056-01: Posted Oct 8, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4056-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | 6f91d019be06f8ba097b926ea4e1bbe5; Download | Favorite | View

Red Hat Security Advisory 2020-4176-01: Posted Oct 5, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4176-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | d22d94a8cda118223d6d82812611a49d; Download | Favorite | View

Red Hat Security Advisory 2020-4172-01: Posted Oct 5, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4172-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a code execution vulnerability.; tags | advisory, code execution; systems | linux, redhat; advisories | CVE-2020-10713, CVE-2020-14364; MD5 | 7698deb0caf019d910b610e071019288; Download | Favorite | View

Red Hat Security Advisory 2020-4167-01: Posted Oct 5, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4167-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a memory leak vulnerability.; tags | advisory, memory leak; systems | linux, redhat; advisories | CVE-2019-20382, CVE-2020-14364; MD5 | d35c6413c3fecfc3f8c5c97fdc211b36; Download | Favorite | View

Red Hat Security Advisory 2020-4162-01: Posted Oct 2, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4162-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | 040605a96d155d9c518e4cf87232ffd4; Download | Favorite | View

Red Hat Security Advisory 2020-4115-01: Posted Sep 30, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4115-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a code execution vulnerability.; tags | advisory, code execution; systems | linux, redhat; advisories | CVE-2020-10713, CVE-2020-14364; MD5 | 9e21e2b2f8449f2cb25067270cc6a85d; Download | Favorite | View

Red Hat Security Advisory 2020-4111-01: Posted Sep 30, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4111-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | 088953128b12785a9aef37b8e25749a2; Download | Favorite | View

Red Hat Security Advisory 2020-4079-01: Posted Sep 30, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4079-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a use-after-free vulnerability.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2020-14364, CVE-2020-1983; MD5 | 1b7a16f2c89db0ef042132828d42d28f; Download | Favorite | View

Gentoo Linux Security Advisory 202009-14: Posted Sep 30, 2020; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202009-14 - A buffer overflow in Xen might allow remote attacker(s) to execute arbitrary code. Versions less than 4.13.1-r3 are affected.; tags | advisory, remote, overflow, arbitrary; systems | linux, gentoo; advisories | CVE-2020-14364; MD5 | f6307d01d31fc5f6f0ff146802b5e143; Download | Favorite | View

Red Hat Security Advisory 2020-4078-01: Posted Sep 30, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4078-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | 498be94b1fdf2b23616e1785a0ae33dd; Download | Favorite | View

Red Hat Security Advisory 2020-4053-01: Posted Sep 30, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4053-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | eb2030259d58170bfa72edd68aa8b2ec; Download | Favorite | View

Red Hat Security Advisory 2020-4052-01: Posted Sep 29, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4052-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | c68d7948177e024cbd71ca3a224035a3; Download | Favorite | View

Red Hat Security Advisory 2020-4059-01: Posted Sep 29, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4059-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include information leakage and out of bounds read vulnerabilities.; tags | advisory, kernel, vulnerability; systems | linux, redhat; advisories | CVE-2020-10756, CVE-2020-14364; MD5 | f80f20f5bbc7df1040c003c552ceba74; Download | Favorite | View

Red Hat Security Advisory 2020-4047-01: Posted Sep 29, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4047-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | c921605e0ddb9304a52d649abc59f339; Download | Favorite | View

Red Hat Security Advisory 2020-4051-01: Posted Sep 29, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4051-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | 3eff005ca225ee941f4f55f63c698886; Download | Favorite | View

Red Hat Security Advisory 2020-4050-01: Posted Sep 29, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4050-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | 1f498e66fd63300df7de41df2679841c; Download | Favorite | View

Red Hat Security Advisory 2020-4049-01: Posted Sep 29, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4049-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | 0f0da3b64d57daecaee415b9d5abb8dc; Download | Favorite | View

Red Hat Security Advisory 2020-4048-01: Posted Sep 29, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4048-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | 40484a2179d69646e6b04ddd59921e57; Download | Favorite | View

Red Hat Security Advisory 2020-4055-01: Posted Sep 29, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4055-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | d7f46f40565a7338ed3ce4254824ac17; Download | Favorite | View

Red Hat Security Advisory 2020-4058-01: Posted Sep 29, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4058-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | d3f53e9ea16816cc1f0bc5b2699538e6; Download | Favorite | View

Red Hat Security Advisory 2020-4054-01: Posted Sep 29, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4054-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.; tags | advisory, kernel; systems | linux, redhat; advisories | CVE-2020-14364; MD5 | 7959adb687434a3476624c518eb47b74; Download | Favorite | View

Page 1 of 2 Back 1 2 Next

Top Authors In Last 30 Days

Red Hat 204 files
Ubuntu 47 files
malvuln 44 files
Gentoo 38 files
Geovanni Ruiz 11 files
Ron Jost 9 files
Google Security Research 8 files
Apple 8 files
Brian Rodriguez 7 files
Jim Becher 7 files

File Archives

Systems

AIX (421)
Apple (1,804)
BSD (368)
CentOS (53)
Cisco (1,906)
Debian (5,945)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (4,093)
HPUX (873)
iOS (294)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (40,158)
Mac OS X (678)
Mandriva (3,105)
NetBSD (255)
OpenBSD (474)
RedHat (10,160)
Slackware (941)
Solaris (1,598)
SUSE (1,444)
Ubuntu (7,291)
UNIX (8,911)
UnixWare (180)
Windows (5,991)
Other

CVE-2020-14364

Overview

Related Files

File Archive:

June 2021

Top Authors In Last 30 Days

File Tags

File Archives

Systems