CVE-2016-7466

Published: 21 September 2016

Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device.

Priority

CVSS 3 base score: 6.0

Status

Package	Release	Status
qemu Launchpad, Ubuntu, Debian	precise	Does not exist
	trusty	Not vulnerable (code not present)
	upstream	Needs triage
	xenial	Released (1:2.5+dfsg-5ubuntu10.6)
	yakkety	Released (1:2.6.1+dfsg-0ubuntu5.1)
	Patches: upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=b53dd4495ced2432a0b652ea895e651d07336f7e
qemu-kvm Launchpad, Ubuntu, Debian	precise	Not vulnerable (code not present)
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist
	yakkety	Does not exist

References

Bugs

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838687

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Security