Memory Leak in QEMU's usb_xhci_exit Function Allows DoS via USB Device Unplugging

Memory Leak in QEMU's usb_xhci_exit Function Allows DoS via USB Device Unplugging

CVE-2016-7466 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device.

Learn more about our Web Application Penetration Testing UK.