Summary: | <app-emulation/qemu-2.8.0-r8: usb: an infinite loop issue in ohci_service_ed_list (CVE-2017-6505) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | qemu+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2017/03/06/6 | ||
Whiteboard: | B3 [glsa cve] | ||
Package list: | | Runtime testing required: | --- |
Bug Depends on: | 606088 | ||
Bug Blocks: | | ||
Description
Agostino Sarubbo
2017-03-10 16:28:16 UTC
CVE-2017-6505 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6505):

The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors.

commit b054426687f5eccea1873b53afed11100ca1eb8d
Author: Matthias Maier <tamiko@gentoo.org>
Date: Sun Mar 26 22:18:22 2017 -0500

    app-emulation/qemu: security patches, bug #612220

    CVE-2017-6505, bug #612220

    Package-Manager: Portage-2.3.3, Repoman-2.3.2

Corrected Whiteboard. Added to an existing GLSA Request - Since we are writing it up.

This issue was resolved and addressed in GLSA 201704-01 at https://security.gentoo.org/glsa/201704-01 by GLSA coordinator Kristian Fiskerstrand (K_F).