PT-2020-6461 · Qemu+5 · Qemu+5

Published

2020-08-15

Updated

2026-06-09

CVE-2020-25625

CVSS v3.1

5.3

Medium

Vector

AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions QEMU version 5.0.0

Description The issue is related to the hw/usb/hcd-ohci.c component in the QEMU hardware emulator, which can lead to an infinite loop when a TD list has a loop. This can cause a denial of service.

Recommendations For QEMU version 5.0.0, consider disabling the hw/usb/hcd-ohci.c component as a temporary workaround until a patch is available. Restrict access to the vulnerable component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-835

Related Identifiers

ALT-PU-2020-2595

BDU:2021-05150

CVE-2020-25625

DLA-2469-1

DLA-3099-1

OPENSUSE-SU-2021:0600-1

OPENSUSE-SU-2021_0600-1

SUSE-SU-2021:1240-1

SUSE-SU-2021:1241-1

SUSE-SU-2021:1242-1

SUSE-SU-2021:1243-1

SUSE-SU-2021:1244-1

SUSE-SU-2021:1245-1

SUSE-SU-2021:1305-1

SUSE-SU-2021:14704-1

SUSE-SU-2021:14706-1

SUSE-SU-2021_14704-1

USN-4650-1

USN-8412-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Qemu

Suse

Ubuntu

PT-2020-6461 · Qemu+5 · Qemu+5

CVE-2020-25625

Weakness Enumeration

Related Identifiers

Affected Products

References · 164