PT-2017-17118 · Qemu+3 · Qemu+3

Li Qiang

Publicado

2017-03-15

Atualizado

2024-06-15

CVE-2017-6505

CVSS v3.1

6.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions QEMU versions prior to 2.9.0

Description The issue allows local guest OS users to cause a denial of service, resulting in an infinite loop. This is achieved through vectors involving the number of link endpoint list descriptors in the ohci service ed list function.

Recommendations For versions prior to 2.9.0, update to version 2.9.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the ohci service ed list function in hw/usb/hcd-ohci.c to minimize the risk of exploitation.

Exploit

Correção

DoS

Infinite Loop

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-835

Identificadores relacionados

ALT-PU-2017-1521

CVE-2017-6505

DLA-1070-1

DLA-1071-1

DLA-1497-1

OPENSUSE-SU-2017_1078-1

OPENSUSE-SU-2017_1872-1

OPENSUSE-SU-2024:11520-1

SUSE-SU-2017:0983-1

SUSE-SU-2017:1058-1

SUSE-SU-2017:1080-1

SUSE-SU-2017:1081-1

SUSE-SU-2017:1147-1

SUSE-SU-2017:1774-1

SUSE-SU-2017:2946-1

SUSE-SU-2017:2963-1

SUSE-SU-2017:2969-1

SUSE-SU-2017:3084-1

SUSE-SU-2017_0983-1

USN-3261-1

USN-3268-1

Produtos afetados

Alt Linux

Qemu

Suse

Ubuntu

PT-2017-17118 · Qemu+3 · Qemu+3

CVE-2017-6505

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 440