The remote Debian host is missing a security-related update.
Multiple vulnerabilities were found in qemu, a fast processor emulator : - CVE-2017-9310 Denial of service via infinite loop in e1000e NIC emulation. - CVE-2017-9330 Denial of service via infinite loop in USB OHCI emulation. - CVE-2017-9373 Denial of service via memory leak in IDE AHCI emulation. - CVE-2017-9374 Denial of service via memory leak in USB EHCI emulation. - CVE-2017-10664 Denial of service in qemu-nbd server. - CVE-2017-10911 Information leak in Xen blkif response handling.
Upgrade the qemu packages. For the oldstable distribution (jessie), a separate DSA will be issued. For the stable distribution (stretch), these problems have been fixed in version 1:2.8+dfsg-6+deb9u1.