CVE-2017-9374
First published: Tue Jun 06 2017(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| QEMU qemu | <=2.8.1.1 | |
| debian/qemu | 1:5.2+dfsg-11+deb11u3 1:5.2+dfsg-11+deb11u2 1:7.2+dfsg-7+deb12u7 1:9.2.0+ds-2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://git.qemu.org/?p=qemu.git;a=commit;h=d710e1e7bd3d5bfc26b631f02ae87901ebe646b0
- http://www.debian.org/security/2017/dsa-3920
- http://www.openwall.com/lists/oss-security/2017/06/06/3
- http://www.securityfocus.com/bid/98905
- https://access.redhat.com/errata/RHSA-2017:2392
- https://access.redhat.com/errata/RHSA-2017:2408
- https://bugzilla.redhat.com/show_bug.cgi?id=1459132
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://launchpad.net/bugs/cve/CVE-2017-9374
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1459137
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d710e1e7bd3d5bfc26b631f02ae87901ebe646b0
- http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d710e1e7bd3d5bfc26b631f02ae87901ebe646b0
- https://security-tracker.debian.org/tracker/CVE-2017-9374
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9374
- https://nvd.nist.gov/vuln/detail/CVE-2017-9374
- https://ubuntu.com/security/CVE-2017-9374
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2017-9374.
What is the title of this vulnerability?
The title of this vulnerability is 'Memory leak in QEMU (aka Quick Emulator) when built with USB EHCI Emulation support allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the device.'
What is the severity level of CVE-2017-9374?
The severity level of CVE-2017-9374 is low.
How does CVE-2017-9374 affect the software?
CVE-2017-9374 affects the software QEMU when built with USB EHCI Emulation support.
How can CVE-2017-9374 be fixed?
CVE-2017-9374 can be fixed by applying the recommended patches provided by the software vendor.
- collector/nvd-index
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2017-9374
- agent/author
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/remedy
- agent/weakness
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/tags
- agent/description
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/trending
- vendor/qemu
- canonical/qemu qemu
- version/qemu qemu/2.8.1.1
- package-manager/debian