PT-2022-7373 · Qemu+6 · Qemu+6

Gaoning Pan

Published

2022-08-17

Updated

2026-06-09

CVE-2020-14394

CVSS v3.1

3.2

Low

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions QEMU (affected versions not specified)

Description A flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring, allowing a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-835

Related Identifiers

ALT-PU-2022-3081

ALT-PU-2022-3083

ALT-PU-2022-3390

ALT-PU-2023-1830

ALT-PU-2023-1869

BDU:2024-04482

CVE-2020-14394

DLA-3362-1

OESA-2022-1918

SUSE-SU-2023:0761-1

SUSE-SU-2023:0840-1

SUSE-SU-2023:0879-1

SUSE-SU-2023:0879-2

SUSE-SU-2023_0879-1

USN-6567-1

USN-6567-2

USN-8412-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Qemu

Red Os

Suse

Ubuntu

PT-2022-7373 · Qemu+6 · Qemu+6

CVE-2020-14394

Weakness Enumeration

Related Identifiers

Affected Products

References · 113