CVE-2016-8910

The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count.

Weakness

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Affected Software

Name	Vendor	Start Version	End Version
Qemu	Qemu	*	2.7.1 (including)
Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7	RedHat	qemu-kvm-rhev-10:2.9.0-10.el7	*
Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7	RedHat	qemu-kvm-rhev-10:2.9.0-10.el7	*
Red Hat OpenStack Platform 10.0 (Newton)	RedHat	qemu-kvm-rhev-10:2.9.0-10.el7	*
Red Hat OpenStack Platform 11.0 (Ocata)	RedHat	qemu-kvm-rhev-10:2.9.0-10.el7	*
Red Hat OpenStack Platform 8.0 (Liberty)	RedHat	qemu-kvm-rhev-10:2.9.0-10.el7	*
Red Hat OpenStack Platform 9.0 (Mitaka)	RedHat	qemu-kvm-rhev-10:2.9.0-10.el7	*
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7	RedHat	qemu-kvm-rhev-10:2.9.0-14.el7	*
Qemu	Ubuntu	devel	*
Qemu	Ubuntu	trusty	*
Qemu	Ubuntu	xenial	*
Qemu	Ubuntu	yakkety	*
Qemu-kvm	Ubuntu	precise	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-8910
CWE	https://cwe.mitre.org/data/definitions/835.html

Loop with Unreachable Exit Condition ('Infinite Loop')

Weakness

Affected Software

References