QEMU (aka Quick Emulator) is vulnerable to denial of service (DoS). When built with the USB OHCI Emulation support, it allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505.
CPE | Name | Operator | Version |
---|---|---|---|
qemu:xenial | eq | 1:2.5+dfsg-5ubuntu10 |
git.qemu.org/?p=qemu.git;a=commit;h=26f670a244982335cc08943fb1ec099a2c81e42d
www.debian.org/security/2017/dsa-3920
www.openwall.com/lists/oss-security/2017/06/01/3
www.securityfocus.com/bid/98779
bugzilla.redhat.com/show_bug.cgi?id=1457697
lists.debian.org/debian-lts-announce/2018/09/msg00007.html
security.gentoo.org/glsa/201706-03