Bug 612220 (CVE-2017-6505) - <app-emulation/qemu-2.8.0-r8: usb: an infinite loop issue in ohci_service_ed_list (CVE-2017-6505)
Summary: <app-emulation/qemu-2.8.0-r8: usb: an infinite loop issue in ohci_service_ed_...
Alias: CVE-2017-6505
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
Whiteboard: B3 [glsa cve]
Depends on: CVE-2016-9602
Reported: 2017-03-10 16:28 UTC by Agostino Sarubbo
Modified: 2017-04-10 21:28 UTC

Description Agostino Sarubbo gentoo-dev 2017-03-10 16:28:16 UTC
From ${URL} :

Quick Emulator built with the USB OHCI Emulation support is vulnerable to an 
infinite loop issue. It could occur while processing an endpoint list 
descriptor in ohci_service_ed_list().

A guest user/process could use this flaw to crash Qemu process resulting in 

Upstream patch:


This issue was reported by Li Qiang of Inc.

'CVE-2017-6505' allocated via ->

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2017-03-19 13:57:05 UTC
CVE-2017-6505 (
  The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick
  Emulator) allows local guest OS users to cause a denial of service (infinite
  loop) via vectors involving the number of link endpoint list descriptors.
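The failure mode described above, as an added example that is not QEMU's code and not the upstream patch: a device model that follows a linked list stored in guest memory never terminates if the guest makes the links cycle, and one way to prevent that is to cap the number of links followed. The names `struct ed`, `walk_ed_list` and `ED_WALK_LIMIT`, the index-based link field and the sample lists are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>

/* Simplified stand-in for an endpoint descriptor held in guest memory.
 * Only the link field matters here; this layout is hypothetical. */
struct ed {
    uint32_t next;   /* index of the next descriptor, 0 terminates the list */
};

#define ED_WALK_LIMIT 32   /* hypothetical cap chosen for this example */

/* Walk a guest-supplied descriptor list starting at `head`.
 * Returns the number of descriptors serviced, or -1 when the list is
 * rejected: a link outside the `n` valid slots, or more links than
 * ED_WALK_LIMIT, which is how a cycle shows up. */
int walk_ed_list(const struct ed *mem, size_t n, uint32_t head)
{
    int serviced = 0;
    uint32_t cur = head;

    while (cur != 0) {
        if (cur >= n)
            return -1;               /* link points outside guest memory */
        if (serviced == ED_WALK_LIMIT)
            return -1;               /* too many links: stop instead of spinning */
        serviced++;                  /* a real model would process the ED here */
        cur = mem[cur].next;         /* next link is fully guest-controlled */
    }
    return serviced;
}

/* Constructed sample lists; slot 0 is unused so that 0 can mean "end". */
static const struct ed sane_list[]   = { {0}, {2}, {3}, {0} };  /* 1->2->3->end */
static const struct ed cyclic_list[] = { {0}, {2}, {3}, {1} };  /* 1->2->3->1->... */
static const struct ed wild_list[]   = { {0}, {9} };            /* 1->9, out of range */

int main(void)
{
    int ok  = walk_ed_list(sane_list, 4, 1);    /* well-formed list */
    int cyc = walk_ed_list(cyclic_list, 4, 1);  /* cycle, rejected by the cap */
    int bad = walk_ed_list(wild_list, 2, 1);    /* bad link, rejected */
    return (ok == 3 && cyc == -1 && bad == -1) ? 0 : 1;
}
```

Without the `ED_WALK_LIMIT` check, the walk over `cyclic_list` would never return, which on the host side means the emulator thread stops making progress.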
Comment 2 Matthias Maier gentoo-dev 2017-03-27 04:05:08 UTC
commit b054426687f5eccea1873b53afed11100ca1eb8d
Author: Matthias Maier <>
Date:   Sun Mar 26 22:18:22 2017 -0500

    app-emulation/qemu: security patches, bug #612220
      CVE-2017-6505, bug #612220
    Package-Manager: Portage-2.3.3, Repoman-2.3.2
Comment 3 Yury German Gentoo Infrastructure gentoo-dev 2017-03-28 04:21:05 UTC
Corrected Whiteboard. 
Added to an existing GLSA Request - Since we are writing it up.
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2017-04-10 21:28:02 UTC
This issue was resolved and addressed in
 GLSA 201704-01 at
by GLSA coordinator Kristian Fiskerstrand (K_F).