Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 26/08/2014 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows malicious users to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu 1.6.0

Several security issues were fixed in QEMU ...

CWE-119 http://www.openwall.com/lists/oss-security/2014/08/04/1 https://bugzilla.redhat.com/show_bug.cgi?id=1126543 http://www.openwall.com/lists/oss-security/2014/08/16/1 http://www.ubuntu.com/usn/USN-2409-1 http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=3afca1d6d413592c2b78cf28f52fa24a586d8f56 https://usn.ubuntu.com/2409-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-5263

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect