ID CVE-2017-5987
Summary The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer.
References
Vulnerable Configurations
  • QEMU
    cpe:2.3:a:qemu:qemu
CVSS
Base: 2.1 (as of 22-03-2017 - 14:59)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
refmap via4
bid 96263
confirm
gentoo GLSA-201704-01
mlist
  • [oss-security] 20170214 CVE-2017-5987 Qemu: sd: infinite loop issue in multi block transfers
  • [qemu-devel] 20170213 Re: [Qemu-devel] [PATCH v3 1/4] sd: sdhci: check transfer mode register in multi block transfer
Last major update 22-03-2017 - 15:52
Published 20-03-2017 - 12:59
Last modified 30-06-2017 - 21:30
Back to Top