vulnerability
Ubuntu: (Multiple Advisories) (CVE-2020-14394): QEMU vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 1 | (AV:L/AC:L/Au:M/C:N/I:N/A:P) | Aug 17, 2022 | Jan 9, 2024 | Apr 16, 2026 |
Severity
1
CVSS
(AV:L/AC:L/Au:M/C:N/I:N/A:P)
Published
Aug 17, 2022
Added
Jan 9, 2024
Modified
Apr 16, 2026
Description
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.
Solutions
ubuntu-upgrade-qemuubuntu-upgrade-qemu-systemubuntu-upgrade-qemu-system-armubuntu-upgrade-qemu-system-mipsubuntu-upgrade-qemu-system-miscubuntu-upgrade-qemu-system-ppcubuntu-upgrade-qemu-system-s390xubuntu-upgrade-qemu-system-sparcubuntu-upgrade-qemu-system-x86ubuntu-upgrade-qemu-system-x86-microvmubuntu-upgrade-qemu-system-x86-xenubuntu-upgrade-qemu-system-xen
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.