CVE-2020-27661
Severity Score
6.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.
Se encontró un problema de división por cero en la función dwc2_handle_packet en el archivo hw/usb/hcd-dwc2.c en la emulación del controlador de host USB hcd-dwc2 de QEMU. Un huésped malicioso podría utilizar este fallo para bloquear el proceso de QEMU en el host, resultando en una denegación de servicio
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-10-22 CVE Reserved
- 2021-06-02 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-369: Divide By Zero
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=bea2a9e3e00b275dc40cfa09c760c715b8753e03 | X_refsource_misc | |
| https://security.netapp.com/advisory/ntap-20210720-0010 | Third Party Advisory |
|
| https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1770368.html | X_refsource_misc |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1890653 | 2023-11-07 | |
| https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg04263.html | 2023-11-07 |
| URL | Date | SRC |
|---|