CVE-2016-8576

Priority
Description
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick
Emulator) allows local guest OS administrators to cause a denial of service
(infinite loop and QEMU process crash) by leveraging failure to limit the
number of link Transfer Request Blocks (TRB) to process.
Notes
tyhicksPrivileged user inside the guest can trigger a DoS of the QEMU host
process
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needed
Ubuntu 14.04 ESM (Trusty Tahr):released (2.0.0+dfsg-2ubuntu1.30)
Ubuntu 16.04 LTS (Xenial Xerus):released (1:2.5+dfsg-5ubuntu10.6)
Patches:
Upstream:http://git.qemu.org/?p=qemu.git;a=commit;h=05f43d44e4bc26611ce25fd7d726e483f73363ce
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-12-05 18:46:27 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)