Source: qemu
Severity: important
Tags: security upstream patch
Version: 1.1.2+dfsg-1

Qemu emulator built with the USB EHCI emulation support is vulnerable to an infinite loop issue. It occurs during communication between host controller interface (EHCI) and a respective device driver. These two communicate via an isochronous transfer descriptor list (iTD) and an infinite loop unfolds if there is a closed loop in this list.

A privileged user inside guest could use this flaw to consume excessive CPU cycles & resources on the host.

Upstream fix:
-------------
  -> https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02124.html

This issue was discovered by Qinghao Tang of QIHU 360 Marvel Team.

(From http://www.openwall.com/lists/oss-security/2015/12/14/9)
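
The closed-loop condition described above, as an added C example that is neither QEMU code nor the upstream patch: a simplified model of walking a guest-supplied descriptor list with a step budget, so a cyclic list is rejected instead of spinning on the host. The struct layout, `LINK_TERMINATE`, `MAX_DESCRIPTORS` and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model (assumption, not QEMU's structures): every descriptor
 * carries a guest-controlled link to the next one; bit 0 ends the list. */
#define LINK_TERMINATE  0x1u
#define MAX_DESCRIPTORS 1024        /* assumed per-walk step budget */

struct desc {
    uint32_t next;                  /* (index << 1) | terminate bit */
};

/* Walk the list from `head`. Returns the number of descriptors visited,
 * or -1 when a link is out of range or the budget runs out (closed loop). */
int walk_descriptors(const struct desc *mem, size_t n, uint32_t head)
{
    uint32_t link = head;
    int visited = 0;

    while (!(link & LINK_TERMINATE)) {
        uint32_t idx = link >> 1;
        if (idx >= n || visited >= MAX_DESCRIPTORS)
            return -1;              /* stop instead of spinning on the host */
        visited++;
        link = mem[idx].next;
    }
    return visited;
}

/* Constructed sample: 0 -> 1 -> 2 -> terminate. */
int demo_linear(void)
{
    struct desc mem[3] = { {1u << 1}, {2u << 1}, {LINK_TERMINATE} };
    return walk_descriptors(mem, 3, 0u << 1);
}

/* Constructed sample: 0 -> 1 -> 2 -> 0, the closed loop from the report. */
int demo_cyclic(void)
{
    struct desc mem[3] = { {1u << 1}, {2u << 1}, {0u << 1} };
    return walk_descriptors(mem, 3, 0u << 1);
}

int main(void)
{
    printf("linear: %d\ncyclic: %d\n", demo_linear(), demo_cyclic());
    return 0;
}
```

Without the `visited >= MAX_DESCRIPTORS` check, the cyclic sample never reaches a terminate bit and the walk does not return.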