OESA-2025-2598 qemu security update

🗓️ 31 Oct 2025 14:13:44Reported by GoogleType

osv🔗 osv.dev👁 2 Views

QEMU security update fixes assertion failure in usb_ep_get() that could crash the host from an unprivileged guest (CVE-2024-8354).

Reporter	Title	Published	Views	Family All 79
Tenable Nessus	Amazon Linux 2 : qemu, --advisory ALAS2-2025-3031 (ALAS-2025-3031)	15 Oct 202500:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.10.1 : qemu (EulerOS-SA-2026-1144)	31 Jan 202600:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.10.0 : qemu (EulerOS-SA-2026-1195)	31 Jan 202600:00	–	nessus
Tenable Nessus	Oracle Linux 8 : virt:kvm_utils3 (ELSA-2026-50118)	25 Feb 202600:00	–	nessus
Tenable Nessus	Oracle Linux 8 : virt:kvm_utils3 (ELSA-2026-50239)	27 Apr 202600:00	–	nessus
Tenable Nessus	Oracle Linux 9 : qemu-kvm (ELSA-2026-50241)	28 Apr 202600:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : qemu (SUSE-SU-2024:3744-1)	23 Oct 202400:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : qemu (SUSE-SU-2024:3948-1)	9 Nov 202400:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : qemu (SUSE-SU-2024:4094-1)	12 Dec 202400:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : qemu (SUSE-SU-2024:4304-1)	13 Dec 202400:00	–	nessus

Source	Link
openeuler	www.openeuler.org/zh/security/security-bulletins/detail/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-8354

31 Oct 2025 19:19Current

6Medium risk

Vulners AI Score6

CVSS 3.15.5

EPSS0.00045

SSVC