Wind River Support Network

HomeDefectsLIN6-11380

Fixed

LIN6-11380 : Security Advisory - qemu - CVE-2016-4037

Created: May 30, 2016 Updated: Jul 2, 2020

Resolved Date: Jun 19, 2016

Found In Version: 6.0.0.29

Fix Version: 6.0.0.30

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4037

Other Downloads

Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38