Medium severity6.0NVD Advisory· Published Nov 4, 2016· Updated May 6, 2026
CVE-2016-8909
CVE-2016-8909
Description
The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- www.openwall.com/lists/oss-security/2016/10/24/1nvdMailing ListPatchThird Party Advisory
- lists.gnu.org/archive/html/qemu-devel/2016-10/msg04682.htmlnvdPatchThird Party Advisory
- lists.opensuse.org/opensuse-updates/2016-12/msg00140.htmlnvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2016/10/24/4nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/93842nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2017:2392nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:2408nvdThird Party Advisory
- lists.debian.org/debian-lts-announce/2018/11/msg00038.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/201611-11nvdThird Party Advisory
News mentions
0No linked articles in our index yet.