CVE-2017-8112

Published: 02 May 2017

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
(1:2.10+dfsg-0ubuntu1)
Ubuntu 20.04 LTS (Focal Fossa) Not vulnerable
(1:2.10+dfsg-0ubuntu1)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(1:2.10+dfsg-0ubuntu1)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (1:2.5+dfsg-5ubuntu10.15)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.0.0+dfsg-2ubuntu1.35)
Patches:
Upstream: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=f68826989cd4d1217797251339579c57b3c0934e
qemu-kvm
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 ESM (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist