In 2020, QEMU issued a risk notice for an out-of-bounds memory access vulnerability in QEMU. The vulnerability number is CVE-2020-14364, the vulnerability level is severe, and the vulnerability score is 10. By constructing special memory data, an attacker can escape the virtual machine and execute arbitrary code.
The vulnerability exists in the QEMU USB module, where it allows out-of-bounds reads and writes that can be used to achieve virtual machine escape.
All versions of Qemu shipped with in-support versions of Xen are vulnerable. This includes both qemu-traditional and qemu-xen.
The vulnerability can only be exploited when Qemu is used as a device model. This configuration is only used by default for x86 HVM guests. x86 PV, PVH and ARM guests do not use a device model by default.
Guests configured to use a Qemu stubdomain contain the code execution within the stubdomain, and are therefore not considered vulnerable.
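A triage sketch for the exposure conditions above, added here as an example and not taken from the Xen or QEMU projects: it reads x86 xl guest configs and reports which of the listed cases each one falls into. It assumes the xl.cfg keys `type`, `builder` and `device_model_stubdomain_override`; the sample configs and the result labels are constructed.

```python
import re

# One scalar assignment per line: key = "value", key = 'value' or key = 1.
# List values such as disk = [ ... ] are deliberately not matched.
_ASSIGN = re.compile(
    r"""^\s*([A-Za-z_]\w*)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s#;\[]+))""")

def parse_xl_cfg(text):
    """Return the scalar settings of an xl domain config as a dict."""
    cfg = {}
    for line in text.splitlines():
        m = _ASSIGN.match(line)
        if m:
            cfg[m.group(1)] = next(g for g in m.groups()[1:] if g is not None)
    return cfg

def guest_type(cfg):
    """Resolve the guest type; xl defaults to PV when none is given."""
    if "type" in cfg:
        return cfg["type"].lower()
    if cfg.get("builder", "").lower() == "hvm":  # older spelling of type="hvm"
        return "hvm"
    return "pv"

def classify(cfg_text):
    """Map a guest config onto the exposure cases listed in the advisory."""
    cfg = parse_xl_cfg(cfg_text)
    gtype = guest_type(cfg)
    if gtype != "hvm":
        return "no-device-model-by-default"   # PV / PVH: check for explicit overrides
    # Assumption: any of these spellings means the option is enabled.
    stub = cfg.get("device_model_stubdomain_override", "0").lower()
    if stub in ("1", "true", "yes", "on"):
        return "contained-in-stubdomain"
    return "exposed-patch-qemu"

# Constructed sample configs, not taken from any real host.
SAMPLES = {
    "web01": 'name = "web01"\ntype = "hvm"\nmemory = 2048\n',
    "legacy": 'name = "legacy"\nbuilder = "hvm"  # old syntax\n',
    "stub": 'type = "hvm"\ndevice_model_stubdomain_override = 1\n',
    "pvh01": 'type = "pvh"\nkernel = "/boot/vmlinuz"\n',
    "pv-default": 'name = "pv-default"\nmemory = 1024\n# type = "hvm"\n',
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(f"{name:12s} {classify(text)}")
```

The PV and PVH result reflects the default only; a guest of those types that has been given a Qemu device model explicitly needs a manual check.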
In this regard, we recommend that users apply the latest fix to QEMU promptly. You should read the patch to mitigate this vulnerability.