CVE-2020-27661: 
NixOS vulnerability analysis and mitigation

A divide-by-zero vulnerability (CVE-2020-27661) was discovered in the dwc2handlepacket function within hw/usb/hcd-dwc2.c of QEMU's hcd-dwc2 USB host controller emulation. The vulnerability was identified in QEMU versions through 5.1.1, with the issue being reported on October 22, 2020. The flaw affects the dwc-hsotg (dwc2) USB host controller emulation component (RedHat Bug, NVD).

The vulnerability occurs when HCCHAR_MPS is read from a device register and subsequently used as a divisor without proper sanity checks. The issue has been assigned a CVSS v3.1 Base Score of 6.5 (MEDIUM) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H. The vulnerability is classified under CWE-369 (Divide By Zero) (NVD).

When successfully exploited, this vulnerability could allow a malicious or buggy guest to crash the QEMU process on the host, resulting in a denial of service (DoS) condition (NetApp Advisory, NVD).

A fix was implemented by adding a check for the mps value to prevent potential divide-by-zero operations. The patch was submitted and merged upstream, with the fix being included in versions after 5.1.1. The fix involves validating the HCCHAR_MPS value before its use as a divisor (QEMU Patch).