« List of all CVEs

CVE-2017-5973

Published: 3/27/2017 Last updated: 8/5/2024 Reserved: 2/13/2017

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (2)

conf-qemu-img nbd-tool

Products affected (2)

Product Vendor Version
n/a n/a < 4.5.0.16
n/a n/a < ebdff0986513a29be242aace0ef89b6c105b0bf0

References (36)