The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Qemu | Qemu | * | 2.7.1 (including) |
| Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 | RedHat | qemu-kvm-rhev-10:2.9.0-10.el7 | * |
| Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 | RedHat | qemu-kvm-rhev-10:2.9.0-10.el7 | * |
| Red Hat OpenStack Platform 10.0 (Newton) | RedHat | qemu-kvm-rhev-10:2.9.0-10.el7 | * |
| Red Hat OpenStack Platform 11.0 (Ocata) | RedHat | qemu-kvm-rhev-10:2.9.0-10.el7 | * |
| Red Hat OpenStack Platform 8.0 (Liberty) | RedHat | qemu-kvm-rhev-10:2.9.0-10.el7 | * |
| Red Hat OpenStack Platform 9.0 (Mitaka) | RedHat | qemu-kvm-rhev-10:2.9.0-10.el7 | * |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 | RedHat | qemu-kvm-rhev-10:2.9.0-14.el7 | * |
| Qemu | Ubuntu | devel | * |
| Qemu | Ubuntu | trusty | * |
| Qemu | Ubuntu | xenial | * |
| Qemu | Ubuntu | yakkety | * |
| Qemu-kvm | Ubuntu | precise | * |