CVE-2016-4037
23.05.2016, 19:59
The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 15.10 |
| canonical | ubuntu_linux | 16.04 |
| qemu | qemu | 𝑥 ≤ 2.5.1 |
| qemu | qemu | 2.6.0:rc0 |
| qemu | qemu | 2.6.0:rc1 |
| qemu | qemu | 2.6.0:rc2 |
| debian | debian_linux | 8.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||
|---|---|---|---|---|---|
| qemu |
| ||||
| qemu-block-curl |
| ||||
| qemu-block-rbd |
| ||||
| qemu-guest-agent |
| ||||
| qemu-ipxe |
| ||||
| qemu-kvm |
| ||||
| qemu-lang |
| ||||
| qemu-ppc |
| ||||
| qemu-s390 |
| ||||
| qemu-seabios |
| ||||
| qemu-sgabios-8 |
| ||||
| qemu-tools |
| ||||
| qemu-vgabios |
| ||||
| qemu-x86 |
|
References