05.08.2017 15:02, Christian Seiler wrote: >>> xhci-guard-xhci_kick_epctx-against-recursive-calls-CVE-2017-9375.patch >> >> What's the complete qemu command line? > > It's quite long (generated from libvirt), I posted that in the initial > bug report: > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869807#5 > >> Does it include nec-xhci? > > Yes, it does: > > -device nec-usb-xhci,id=usb,bus=pci.0,addr=0x5 > > (I did configure XHCI in libvirt to be able to pass through > USB 3 devices.) > > And indeed, if I change that back to USB 2.0 in libvirt's configuration, > and install +deb9u1, the VM now boots again.
This is #869945, and the actual problem is not what you've posted but the xhci assertion failure. I'll merge this bug with #869945. Thanks, /mjt
