QEMU 'hw/sd/sdhci.c' Denial of Service Vulnerability

QEMU is prone to a denial-of-service vulnerability.

Attackers can exploit this issue to crash the QEMU instance, resulting in a denial-of-service condition.

Information

Bugtraq ID: 96263
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-5987

Remote: Yes
Local: No
Published: Feb 14 2017 12:00AM
Updated: Apr 15 2017 01:04AM
Credit: Jiang Xin of Huawei.com and Wjjzhang of Tencent.com.
Vulnerable: QEMU QEMU 0
Gentoo Linux

Not Vulnerable:

References:

• CVE-2017-5987 Qemu: sd: infinite loop issue in multi block transfers (QEMU)
  
• QEMU Homepage (QEMU)
  
• Re: [Qemu-devel] [PATCH v3 1/4] sd: sdhci: check transfer mode register (QEMU)
  

Source: www.securityfocus.com