oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: Qemu: usb: ehci: memory leakage in ehci_init_transfer

From: <cve-assign () mitre org>
Date: Thu, 8 Dec 2016 01:35:37 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


Quick Emulator(Qemu) built with the USB EHCI Emulation support is vulnerable
to a memory leakage issue. It could occur while processing packet data in
'ehci_init_transfer'.

A guest user/process could use this issue to leak host memory, resulting in
DoS for a host.

http://git.qemu.org/?p=qemu.git;a=commit;h=791f97758e223de3290592d169f8e6339c281714



it doesn't free the 'p->sgl'


Use CVE-2016-9911.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYSPv+AAoJEHb/MwWLVhi2zvsP/3xTTHAxpT0SXnVo/5KFX/lC
ANh7j1y2R9GVOBkwczTqD0MFwNDEM1FVVzhE9XVu4TLaJ7PYgsQzPpT6K+nI+Vhs
fWq7rHIgclE9X4MP94N/sMYyE4oZZ35uJm0qLnXxItiGoeFKTNkWHtw1SPSzRRIK
UfJ+PaA14SSts9XJquaxNf/kEYpKFhtGfrU5rsQc1XxSxMHhlBRdwOFLbMqopFhN
oes/HFAwqmXpdmqxvUmvBhvcH4HR5+8RB4W9wM5wU+EAirYTSA8g2LQQiiFna2B7
ES0ef9tZ/2PelYnExPj51Xl6xe5xbSML1z4MpxDX7GLyo/3oqM7/bLzFU7vnzsL1
tA0UM5ipwb0An6TQDX285nGToTQU2KYbVYghz81F9Sro+GkVFPov5rq0s8bH54m0
4GruXSeGGL7YKlOYPCq03p+stCXjUZS2d53qwPKMBBLmtomuGMK6LaUZnQQSn44V
h7tphm8Hvapb86rBkixCA5xXBvwSGdX5QZy23Ppr2FBrfkGT4VEpWBdCEkn9Y3q2
UUs8MdH9XRTlmqdfLf5EJPI53eIhxFVdBQV9VPb+qzuLtDt6ei24p5EPUZACUte7
69cwfYegHyJnSXfL/FNuWDcdf2qsc0P1vh5Ka2QwUDVyRSl9Ef8qCt899aFRNsy5
xUILseRrS8HSXuXKTtrR
=yc/x
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: