VYPR

rpm package

suse/qemu&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Vulnerabilities (4)

  • CVE-2026-2243MedFeb 19, 2026
    affected < 3.1.1.1-84.1fixed 3.1.1.1-84.1

    A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of sensitive information or a denial of service condition (DoS).

  • CVE-2025-11234HigOct 3, 2025
    affected < 3.1.1.1-84.1fixed 3.1.1.1-84.1

    A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client w

  • CVE-2024-7409HigAug 5, 2024
    affected < 3.1.1.1-78.1fixed 3.1.1.1-78.1

    A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.

  • CVE-2023-1544Mar 23, 2023
    affected < 3.1.1.1-81.1fixed 3.1.1.1-81.1

    A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds re