From ${URL} : Quick emulator(Qemu) built with the USB xHCI controller emulator support is vulnerable to an infinite recursive call loop issue. It could occur while processing control transfer descriptors' sequence in xhci_kick_epctx. A privileged user inside guest could use this flaw to crash the Qemu process resulting in DoS. Upstream patch: --------------- -> http://git.qemu.org/?p=qemu.git;a=commitdiff;h=96d87bdda3919bb16f754b3d3fd1227e1f38f13c Reference: ---------- -> http://www.openwall.com/lists/oss-security/2017/06/05/2 @security: please check if this issue needs a GLSA.
This commit is already in upstream version 2.9.0.
GLSA Vote: No