CVE-2017-9375 — Infinite Loop in Qemu

CWE-835 — Infinite Loop11 documents7 sources

Severity

5.5MEDIUMNVD

OSV7.8

EPSS

0.1%

top 72.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Debian Qemu Debian Linux

Timeline

PublishedJun 16

Latest updateMay 13

Description

QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶debiandebian/qemu< qemu 1:2.10.0-1 (bookworm)

▶Debianqemu/qemu< 1:2.10.0-1+3

▶Ubuntuqemu/qemu< 2.0.0+dfsg-2ubuntu1.36+3

▶NVDqemu/qemu2.8.1.1

Also affects: Debian Linux 8.0, 9.0

Patches

Patch: www.openwall.com ↗Patch: bugzilla.redhat.com ↗Patch: www.openwall.com ↗

🔴Vulnerability Details

GHSA

GHSA-ch69-jqvw-xgx5: QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (↗2022-05-13

▶

OSV

qemu regression↗2017-09-20

▶

OSV

qemu vulnerabilities↗2017-09-13

▶

OSV

CVE-2017-9375: QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (↗2017-06-16

▶

📋Vendor Advisories

Ubuntu

QEMU regression↗2017-09-20

▶

Ubuntu

QEMU vulnerabilities↗2017-09-13

▶

Red Hat

Qemu: usb: xhci infinite recursive call via xhci_kick_ep↗2017-02-02

▶

Debian

CVE-2017-9375: qemu - QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support,...↗2017

▶

💬Community

Bugzilla

CVE-2017-9375 Qemu: usb: xhci infinite recursive call via xhci_kick_ep [fedora-all]↗2017-06-05

▶

Bugzilla

CVE-2017-9375 Qemu: usb: xhci infinite recursive call via xhci_kick_ep↗2017-06-05

▶