{"id":"CVE-2014-9718","details":"The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions.","modified":"2026-02-04T04:09:32.594191Z","published":"2015-04-21T16:59:00Z","related":["SUSE-SU-2016:0873-1","SUSE-SU-2016:0955-1","SUSE-SU-2016:1318-1","SUSE-SU-2016:1560-1","SUSE-SU-2016:1698-1","SUSE-SU-2016:1745-1","SUSE-SU-2016:1785-1"],"references":[{"type":"ADVISORY","url":"http://www.debian.org/security/2015/dsa-3259"},{"type":"WEB","url":"http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3251bdcf1c67427d964517053c3d185b46e618e8"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2015/04/20/7"},{"type":"WEB","url":"http://www.securityfocus.com/bid/73316"}],"schema_version":"1.7.3"}