CVE-2026-34177

Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden lxd/project/limits/permissions.go, which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote...

Kernel-Dojo-Labs

Kernel-Dojo Lab An interactive practice environment for the...

GHSA-47JG-VQRV-5F8V vulnerabilities

Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-gcp, linux-aws, linux-vmware, linux-azure...

CVE-2026-46300 vulnerabilities

Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-gcp, linux-aws, linux-vmware, linux-azure...

SUSE-SU-2026:21883-1 Security update for qemu

This update for qemu fixes the following issues - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to heap...

RHSA-2026:22147 Red Hat Security Advisory: qemu-kvm security update

Bulletin has no description...

Low: Red Hat Security Advisory: qemu-kvm security update

An update for qemu-kvm is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

qemu-kvm: VNC WebSocket handshake use-after-free

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network acces...

qemu-kvm security update

An update is available for qemu-kvm. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kernel-based Virtual Machine KVM is a full virtualization solution for Linu...

RLSA-2026:18465 Important: edk2 security update

EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: EDK2: Improper Input Validation allows arbitrary command execution CVE-2025-2296 For more details about the security...

RLSA-2026:18772 Moderate: qemu-kvm security update

Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fixes: qemu-kvm: VNC WebSocket handshake use-after-free CVE-2025-11234 For more...

qemu-kvm security update

An update is available for qemu-kvm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kernel-based Virtual Machine KVM is a full virtualization solution for Linux...

SUSE-SU-2026:21912-1 Security update for qemu

This update for qemu fixes the following issues - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to heap...

CVE-2026-49237 Local Privilege Escalation in Canonical Multipass

An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. While the patch in version 1.16.0 updated the ownership of the multipassd daemon binary to root:wheel, five co-located binaries multipass, qemu-img, qemu-system-aarch64,...

CVE-2026-49237

An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. While the patch in version 1.16.0 updated the ownership of the multipassd daemon binary to root:wheel, five co-located binaries multipass, qemu-img, qemu-system-aarch64,...

RockyLinux 9 : qemu-kvm (RLSA-2026:18772)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18772 advisory. qemu-kvm: VNC WebSocket handshake use-after-free CVE-2025-11234 Tenable has extracted the preceding description block directly from the RockyLinux security...

EUVD-2026-32454

In the Linux kernel, the following vulnerability has been resolved: ntfs3: add buffer boundary checks to rununpack rununpack checks runbuf runlast at the top of the while loop but then reads sizesize and offsetsize bytes via rununpacks64 without verifying they fit within the remaining buffer. A...

CLSA-2026-1779580341 qemu-kvm: Fix of CVE-2025-11234

CVE-2025-11234: io: use-after-free in websocket handshake code - Bump leading release 14 - 15 to overcome rpm-version-rank trap: previously released wrong-dist builds tagged .el9 outrank the correctly-tagged .el92 builds, blocking the proper release to stable. No source/code changes vs els9...

RHSA-2026:18772 Red Hat Security Advisory: qemu-kvm security update

Bulletin has no description...

RHSA-2026:18479 Red Hat Security Advisory: qemu-kvm security update

Bulletin has no description...