CVE-2016-8909

The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position.
Configurations

Configuration 1 (hide)

cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

History

12 Feb 2023, 23:26

Type Values Removed Values Added
Summary CVE-2016-8909 Qemu: audio: intel-hda: infinite loop in processing dma buffer stream The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position.
References
  • {'url': 'https://access.redhat.com/security/cve/CVE-2016-8909', 'name': 'https://access.redhat.com/security/cve/CVE-2016-8909', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=1388052', 'name': 'https://bugzilla.redhat.com/show_bug.cgi?id=1388052', 'tags': [], 'refsource': 'MISC'}

02 Feb 2023, 21:17

Type Values Removed Values Added
Summary The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position. CVE-2016-8909 Qemu: audio: intel-hda: infinite loop in processing dma buffer stream
References
  • (MISC) https://access.redhat.com/security/cve/CVE-2016-8909 -
  • (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1388052 -

04 Aug 2021, 17:15

Type Values Removed Values Added
CPE cpe:2.3:a:redhat:openstack:9.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:11.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*

Information

Published : 2016-11-04 21:59

Updated : 2023-12-10 11:46


NVD link : CVE-2016-8909

Mitre link : CVE-2016-8909

CVE.ORG link : CVE-2016-8909


JSON object : View

Products Affected

redhat

  • openstack
  • enterprise_linux
  • virtualization

opensuse

  • leap

qemu

  • qemu

debian

  • debian_linux
CWE
CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')