CVE-2014-5263

Name of the Vulnerable Software and Affected Versions QEMU version 1.6.0

Description The issue is related to the vmstate xhci event in hw/usb/hcd-xhci.c, which does not properly terminate the list with the VMSTATE END OF LIST macro. This allows attackers to cause a denial of service, including out-of-bounds access, infinite loop, and memory corruption, and possibly gain privileges via unspecified vectors.

Recommendations For QEMU version 1.6.0, consider updating to a newer version that includes the fix for this issue, as the current version does not properly terminate the list, leading to potential security risks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.