CVE - CVE-2016-8576

CVE-ID
CVE-2016-8576	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:93469 URL:http://www.securityfocus.com/bid/93469 MISC:GLSA-201611-11 URL:https://security.gentoo.org/glsa/201611-11 MISC:RHSA-2017:2392 URL:https://access.redhat.com/errata/RHSA-2017:2392 MISC:RHSA-2017:2408 URL:https://access.redhat.com/errata/RHSA-2017:2408 MISC:[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update URL:https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html MISC:[oss-security] 20161010 CVE request Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch URL:http://www.openwall.com/lists/oss-security/2016/10/10/6 MISC:[oss-security] 20161010 Re: CVE request Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch URL:http://www.openwall.com/lists/oss-security/2016/10/10/12 MISC:[qemu-devel] 20161007 Re: [PATCH] usb: xHCI: add check to limit command TRB processing URL:https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01265.html MISC:http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=05f43d44e4bc26611ce25fd7d726e483f73363ce URL:http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=05f43d44e4bc26611ce25fd7d726e483f73363ce MISC:openSUSE-SU-2016:3237 URL:http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html
Assigning CNA
Red Hat, Inc.
Date Record Created
20161010	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20161010)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Site Map | Terms of Use | Privacy Policy | Contact Us | Follow CVE

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.