CVE-2016-4037 — MEDIUM (6.0)

Q: How severe is CVE-2016-4037?

CVE-2016-4037 has been rated MEDIUM with a CVSS base score of 6.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2016-4037?

Check the references section above for vendor advisories and patch information. Affected products include: Fedoraproject Fedora, Canonical Ubuntu Linux, Qemu Qemu, Debian Debian Linux.

Vulnerability Description

The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.

CVSS Score

6.0

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Fedoraproject	Fedora	22
Canonical	Ubuntu Linux	12.04
Qemu	Qemu	<= 2.5.1
Debian	Debian Linux	8.0

Related Weaknesses (CWE)

CWE-400

References

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=1ae3f2f178087711f9591350abad13352
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183275.htmlMailing ListThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183350.htmlMailing ListThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184209.htmlMailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2016/04/18/3Mailing List
http://www.openwall.com/lists/oss-security/2016/04/18/6Mailing List
http://www.securityfocus.com/bid/86283Third Party AdvisoryVDB Entry
http://www.ubuntu.com/usn/USN-2974-1Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/11/msg00038.htmlMailing ListThird Party Advisory
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg02691.htmlMailing ListPatchVendor Advisory
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg02734.htmlMailing ListVendor Advisory
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=1ae3f2f178087711f9591350abad13352
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183275.htmlMailing ListThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183350.htmlMailing ListThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184209.htmlMailing ListThird Party Advisory

FAQ

What is CVE-2016-4037?

CVE-2016-4037 is a vulnerability with a CVSS score of 6.0 (MEDIUM). The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous tran...

How severe is CVE-2016-4037?

CVE-2016-4037 has been rated MEDIUM with a CVSS base score of 6.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-4037?

Check the references section above for vendor advisories and patch information. Affected products include: Fedoraproject Fedora, Canonical Ubuntu Linux, Qemu Qemu, Debian Debian Linux.