QEMU: hcd-ehci: DMA reentrancy issue leads to use-after-free

A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions such as reset whi...

SUSE CVE-2016-4037

The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...

The vulnerability of the USB 2.0 (EHCI) controller in VMware ESXi, VMware Workstation, and VMware Fusion, as well as in the virtualization platform VMware Cloud Foundation, allows a perpetrator to execute arbitrary code.

The vulnerability of the USB 2.0 EHCI controller in VMware ESXi, VMware Workstation, and VMware Fusion, as well as in the virtualization platform VMware Cloud Foundation, relates to the ability to write beyond the buffer. Exploiting this vulnerability could allow an attacker to execute arbitrary...

UBUNTU-CVE-2020-25723

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on t...

PT-2020-6485

Name of the Vulnerable Software and Affected Versions QEMU affected versions not specified Description A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileg...

The vulnerability of the USB 2.0 controller EHCI in VMware ESXi, VMware Workstation, and VMware Fusion allows a attacker to execute arbitrary code.

The vulnerability of the USB 2.0 controller EHCI in VMware ESXi, VMware Workstation, and VMware Fusion stems from synchronization errors when using shared resources „Race Conditions“. Exploiting this vulnerability allows an attacker to execute arbitrary code...

"Code 10 Device Cannot Start" error for EHCI USB Controller devices in Device Manager in Windows Server 2012 R2

"Code 10 Device Cannot Start" error for EHCI USB Controller devices in Device Manager in Windows Server 2012 R2 This article describes an issue in which you receive a "Code 10 Device Cannot Start" error message for Enhanced Host Controller Interface EHCI USB Controller devices in Device Manager i...

UBUNTU-CVE-2016-9911

Quick Emulator Qemu built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehciinittransfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host...

UBUNTU-CVE-2014-3185

Multiple buffer overflows in the commandportreadcallback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service memory corruption and system crash v...