CVE-2016-7466 in QEMUinfo

Summary

Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

09/09/2016

Disclosure

12/09/2016

Moderation

VulDB entry created

Entries

VDB-94010 (1)

CPE

ready

CWE

CWE-399 (Confirmed)

CVSS

6.0

EPSS

0.00094

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-7466
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-7466
CVE Details	https://www.cvedetails.com/cve/CVE-2016-7466/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!