Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-5973

Опубликовано: 13 фев. 2017
Источник: redhat
CVSS3: 3
CVSS2: 2.3
EPSS Низкий

Описание

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmNot affected
Red Hat Enterprise Linux 5xenNot affected
Red Hat Enterprise Linux 6qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvmWill not fix
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)qemu-kvm-rhevWill not fix
Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7qemu-kvm-rhevFixedRHSA-2017:240801.08.2017
Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7qemu-kvm-rhevFixedRHSA-2017:240801.08.2017
Red Hat OpenStack Platform 10.0 (Newton)qemu-kvm-rhevFixedRHSA-2017:240801.08.2017
Red Hat OpenStack Platform 11.0 (Ocata)qemu-kvm-rhevFixedRHSA-2017:240801.08.2017
Red Hat OpenStack Platform 8.0 (Liberty)qemu-kvm-rhevFixedRHSA-2017:240801.08.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-835
https://bugzilla.redhat.com/show_bug.cgi?id=1421626Qemu: usb: infinite loop while doing control transfer in xhci_kick_epctx

EPSS

Процентиль: 27%
0.00095
Низкий

3 Low

CVSS3

2.3 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2017-5973

CVSS3: 5.5
ubuntu
почти 9 лет назад

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.

nvd логотип

CVE-2017-5973

CVSS3: 5.5
nvd
почти 9 лет назад

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.

debian логотип

CVE-2017-5973

CVSS3: 5.5
debian
почти 9 лет назад

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick E ...

github логотип

GHSA-v347-c52r-65xm

CVSS3: 5.5
github
больше 3 лет назад

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.

suse-cvrf логотип

SUSE-SU-2017:0570-1

suse-cvrf
почти 9 лет назад

Security update for xen

EPSS

Процентиль: 27%
0.00095
Низкий

3 Low

CVSS3

2.3 Low

CVSS2