Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack due to failing to verify whether launcher-sock is a symlink or a regular file. An attacker that can access a virt-launcher pod's file system and has access to the host file system with the privileges of the qemu user and...

[SECURITY] [DLA 4296-1] qemu security update

Debian LTS Advisory DLA-4296-1 [email protected] https://www.debian.org/lts/security/ Santiago Ruano Rincón September 08, 2025 https://wiki.debian.org/LTS Package : qemu Version : 1:5.2+dfsg-11+deb11u5 CVE ID : CVE-2024-7409 Debian Bug : 1111844 Two security issues were discovered in...

DEBIAN-CVE-2025-38074

In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq-logused with vq-mutex The vhost-scsi completion path may access vq-logbase when vq-logused is already set to false. vhost-thread QEMU-thread vhostscsicompletecmdwork - vhostaddused - vhostaddusedn if...

CVE-2025-38074

In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: protect vq-logused with vq-mutex The vhost-scsi completion path may access vq-logbase when vq-logused is already set to false. vhost-thread QEMU-thread vhostscsicompletecmdwork - vhostaddused - vhostaddusedn if...

USN-2736-1 spice vulnerability

Frediano Ziglio discovered that Spice incorrectly handled monitor configs. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attacke...