itd-hoffmann.de Improper Access Control vulnerability OBB-3765578

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

DEBIAN-CVE-2016-7995

Memory leak in the ehciprocessitd function in hw/usb/hcd-ehci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via a large number of crafted buffer page select PG indexes...

Code injection

The ehciprocessitd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular isochronous transfer descriptor iTD list...

CVE-2015-8558

The ehciprocessitd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular isochronous transfer descriptor iTD list...

CVE-2015-8558

CVE-2015-8558 is a QEMU USB EHCI emulation flaw in ehci_process_itd that can cause an infinite loop and CPU DoS when a circular iTD list is processed. A privileged guest user could exploit this locally. Debian security advisory DSA-3471-1 notes a fix in qemu for Jessie: upgrade to 1:2.1+dfsg-12+d...

qemu -- denial of service vulnerability in USB EHCI emulation support

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the USB EHCI emulation support is vulnerable to an infinite loop issue. It occurs during communication between host controller interfaceEHCI and a respective device driver. These two communicate via a isochronous...