Описание
hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.
An infinite loop flaw was found in the USB OHCI controller emulator of QEMU. This flaw occurs while servicing OHCI isochronous transfer descriptors (TD) in the ohci_service_iso_td routine, as it retires a TD if it has passed its time frame. It does not check if the TD was already processed and holds an error code in TD_CC. This issue may happen if the TD list has a loop. This flaw allows a guest user or process to consume CPU cycles on the host, resulting in a denial of service.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Not affected | ||
| Red Hat Enterprise Linux 5 | xen | Not affected | ||
| Red Hat Enterprise Linux 6 | qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm-ma | Affected | ||
| Red Hat Enterprise Linux 7 | qemu-kvm-rhev | Not affected | ||
| Red Hat Enterprise Linux 8 | qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux 8 Advanced Virtualization | qemu-kvm | Not affected | ||
| Red Hat Enterprise Linux 9 | qemu-kvm | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
2.5 Low
CVSS3
Связанные уязвимости
hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.
hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.
hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list ha ...
hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.
Уязвимость компонента hw/usb/hcd-ohci.c эмулятора аппаратного обеспечения QEMU, связанная с выполнением цикла с недоступным условием выхода, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
2.5 Low
CVSS3