The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list.
References
Link | Resource |
---|---|
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=156a2e4dbffa85997636a7a39ef12da6f1b40254 | |
http://www.debian.org/security/2016/dsa-3469 | Third Party Advisory |
http://www.debian.org/security/2016/dsa-3470 | Third Party Advisory |
http://www.debian.org/security/2016/dsa-3471 | Third Party Advisory |
http://www.openwall.com/lists/oss-security/2015/12/14/16 | Mailing List Third Party Advisory |
http://www.openwall.com/lists/oss-security/2015/12/14/9 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/80694 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=1277983 | Issue Tracking Third Party Advisory |
https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02124.html | Mailing List Patch Third Party Advisory |
https://security.gentoo.org/glsa/201602-01 | Third Party Advisory |
Configurations
History
No history.
Information
Published : 2016-05-23 19:59
Updated : 2024-02-28 15:21
NVD link : CVE-2015-8558
Mitre link : CVE-2015-8558
CVE.ORG link : CVE-2015-8558
JSON object : View
Products Affected
debian
- debian_linux
qemu
- qemu
CWE
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')