CVE-2017-9375

Published: Jun 16, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=96d87bdda3919bb16f754b3d3fd1227e1f38f13c

x_refsource_CONFIRM

98915

vdb-entry

x_refsource_BID

https://bugzilla.redhat.com/show_bug.cgi?id=1458744

x_refsource_CONFIRM

DSA-3991

vendor-advisory

x_refsource_DEBIAN

RHSA-2017:2392

vendor-advisory

x_refsource_REDHAT

[oss-security] 20170605 CVE-2017-9375 Qemu: usb: xhci infinite recursive call via xhci_kick_ep

mailing-list

x_refsource_MLIST

RHSA-2017:2408

vendor-advisory

x_refsource_REDHAT

[debian-lts-announce] 20190920 [SECURITY] [DLA 1927-1] qemu security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-9375

Description

Affected Products

References