Описание
The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers.
A NULL pointer dereference flaw was found in the QEMU emulator built with USB OHCI emulation support. The flaw could occur when OHCI transitions to the OHCI_USB_OPERATIONAL state, leading to the creation of multiple EOF timers. A privileged user inside a guest could exploit this flaw to crash the QEMU process on the host (denial of service).
Отчет
This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Will not fix | ||
| Red Hat Enterprise Linux 5 | xen | Will not fix | ||
| Red Hat Enterprise Linux 6 | qemu-kvm | Will not fix | ||
| Red Hat Enterprise Linux 6 | qemu-kvm-rhev | Will not fix | ||
| Red Hat Enterprise Linux 7 | qemu-kvm | Will not fix | ||
| Red Hat Enterprise Linux 7 | qemu-kvm-rhev | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse) | qemu-kvm-rhev | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 6 (Juno) | qemu-kvm-rhev | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) | qemu-kvm-rhev | Will not fix | ||
| Red Hat OpenStack Platform 8 (Liberty) | qemu-kvm-rhev | Will not fix |
Показывать по
Дополнительная информация
Статус:
2.3 Low
CVSS2
Связанные уязвимости
The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers.
The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers.
The ohci_bus_start function in the USB OHCI emulation support (hw/usb/ ...
The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers.
2.3 Low
CVSS2