CVE-2017-9330

MEDIUM

QEMU <2.9.0 - DoS

Title source: llm

Description

QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505.

References (7)

Scores

CVSS v3 5.6
EPSS 0.0007
EPSS Percentile 21.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Details

CWE
CWE-835
Status published
Products (4)
qemu/qemu < 2.8.1.1
debian/debian_linux
debian/debian_linux
n/a/n/a
Published Jun 08, 2017
Tracked Since Feb 18, 2026