CVE-2017-9060

Name of the Vulnerable Software and Affected Versions QEMU (affected versions not specified)

Description The issue is related to a memory leak in the virtio gpu set scanout function. This memory leak allows local guest OS users to cause a denial of service by consuming memory via a large number of "VIRTIO GPU CMD SET SCANOUT:" commands. The problem is associated with an insufficient memory release mechanism before removing the last reference.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.