CVE-2014-5263

Priority
Description
vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate
the list with the VMSTATE_END_OF_LIST macro, which allows attackers to
cause a denial of service (out-of-bounds access, infinite loop, and memory
corruption) and possibly gain privileges via unspecified vectors.
Assigned-to
mdeslaur
Notes
mdeslauronly 1.6.x and higher
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):released (2.0.0+dfsg-2ubuntu1.7)
Patches:
Upstream:http://git.qemu.org/?p=qemu.git;a=commit;h=3afca1d6d413592c2b78cf28f52fa24a586d8f56
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE
More Information

Updated: 2020-07-28 19:52:29 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)