Astra Linux - уязвимость в qemu

In QEMU 5.0.0, the hw/usb/hcd-ohci.c file contains an infinite loop when a TD list has a loop...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: USB: xHCI – Fix for isochronous Ring Underrun/Overrun event handling The TRB pointer associated with these events points to the enqueue location when an error occurs in xHCI 1.1+ HCs. In older versions, this pointer might be NULL...

EUVD-2017-15042

Malware in sbrugna...

EUVD-2015-8437

Malware in sbrugna...

kernel: xhci: handle isoc Babble and Buffer Overrun events properly

A flaw was found in the Linux kernel related to the Extensible Host Controller Interface xHCI subsystem, specifically how it handles certain events. The issue arises when the xHCI driver improperly handles isochronous isoc Babble and Buffer Overrun events. The vulnerability occurs because the xHC...

AZL-70159 CVE-2025-37882 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix isochronous Ring Underrun/Overrun event handling The TRB pointer of these events points at enqueue at the time of error occurrence on xHCI 1.1+ HCs or it's NULL on older ones. By the time we are handling the event,...

DEBIAN-CVE-2025-37882

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix isochronous Ring Underrun/Overrun event handling The TRB pointer of these events points at enqueue at the time of error occurrence on xHCI 1.1+ HCs or it's NULL on older ones. By the time we are handling the event,...

AZL-62753 CVE-2025-37882 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix isochronous Ring Underrun/Overrun event handling The TRB pointer of these events points at enqueue at the time of error occurrence on xHCI 1.1+ HCs or it's NULL on older ones. By the time we are handling the event,...

kernel: xhci: Handle TD clearing for multiple streams case

A vulnerability was found in the Linux kernel's xHCI driver, related to the handling of TD when multiple streams are active, where the issue occurs when the endpoint is stopped, causing TD to remain uncleared, which can lead to system crashes and memory corruption due to stale TD references...

kernel: xhci: handle isoc Babble and Buffer Overrun events properly

A flaw was found in the Linux kernel related to the Extensible Host Controller Interface xHCI subsystem, specifically how it handles certain events. The issue arises when the xHCI driver improperly handles isochronous isoc Babble and Buffer Overrun events. The vulnerability occurs because the xHC...

SUSE CVE-2024-26659

In the Linux kernel, the following vulnerability has been resolved: xhci: handle isoc Babble and Buffer Overrun events properly xHCI 4.9 explicitly forbids assuming that the xHC has released its ownership of a multi-TRB TD when it reports an error on one of the early TRBs. Yet the driver makes su...

DEBIAN-CVE-2024-26659

In the Linux kernel, the following vulnerability has been resolved: xhci: handle isoc Babble and Buffer Overrun events properly xHCI 4.9 explicitly forbids assuming that the xHC has released its ownership of a multi-TRB TD when it reports an error on one of the early TRBs. Yet the driver makes su...

UBUNTU-CVE-2024-26659

In the Linux kernel, the following vulnerability has been resolved: xhci: handle isoc Babble and Buffer Overrun events properly xHCI 4.9 explicitly forbids assuming that the xHC has released its ownership of a multi-TRB TD when it reports an error on one of the early TRBs. Yet the driver makes su...

SUSE CVE-2016-4037

The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...

SUSE CVE-2020-25625

hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop...

DEBIAN-CVE-2020-25625

hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop...

UBUNTU-CVE-2020-25625

hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop...

EulerOS Virtualization for ARM 64 3.0.2.0 : qemu-kvm (EulerOS-SA-2020-1266)

According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In QEMU 3.0.0, tcpemu in slirp/tcpsubr.c has a heap-based buffer overflow.CVE-2019-6778 - A flaw was found in QEMU's...

Denial Of Service (DoS)

QEMU is vulnerable to denial of serviceDos attacks. This occurs in the xhcikickepctx function in hw/usb/hcd-xhci.c. An attacker could cause an infinite loop which results in a QEMU process crash via vectors related to control transfer descriptor sequence...

Design/Logic Flaw

The xhcikickepctx function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service infinite loop and QEMU process crash via vectors related to control transfer descriptor sequence...