SUSE-SU-2026:21883-1 Security update for qemu

This update for qemu fixes the following issues - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to heap...

Astra Linux - уязвимость в qemu

A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation. This can result in a denial of service DoS on the host system by causing the QEMU process to terminate...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtiocryptoalgskcipherclosesession 'vcctrlreq' is alloced in virtiocryptoalgskcipherclosesession, and should be freed in the invalid ctrlstatus-status error handling case. Otherwise there is a...

qemu-kvm security update

7.2.0-37.el9 - hashing: use mmap/munmap for isal functions Elena Ufimtseva Orabug: 39165991 - multifd: replace allocations/free with mmap/munmap Elena Ufimtseva Orabug: 39165991 - pagecache: use mmap based data pool for cache items Elena Ufimtseva Orabug: 39165991 - pagecache: change cache...

OESA-2026-1992 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation...

OESA-2026-1991 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation...

OESA-2026-1990 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation...

OESA-2026-1989 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation...

OESA-2026-1988 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation...

SUSE SLES15 Security Update : qemu (SUSE-SU-2026:0889-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0889-1 advisory. This update for qemu fixes the following issue: - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. Tenable has...

Security update for qemu (moderate)

openSUSE security update: security update for qemu ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20357-1 Rating: moderate References: bsc1255400 bsc1256484 bsc1257474 bsc1257492 Cross-References: CVE-2025-14876 CVE-2026-0665 CVSS scores:...

OPENSUSE-SU-2026:20357-1 Security update for qemu

This update for qemu fixes the following issues: - Update to version 10.0.8 - CVE-2025-14876: Fixed unbounded allocation in virtio-crypto. bsc1255400 - CVE-2026-0665: Fixed PIRQ bounds check in xenphysdevmappirq. bsc1256484...

SUSE-SU-2026:20693-1 Security update for qemu

This update for qemu fixes the following issues: - Update to version 10.0.8 - CVE-2025-14876: Fixed unbounded allocation in virtio-crypto. bsc1255400 - CVE-2026-0665: Fixed PIRQ bounds check in xenphysdevmappirq. bsc1256484...

Security update for qemu

This update for qemu fixes the following issue: CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...

SUSE-SU-2026:0889-1 Security update for qemu

This update for qemu fixes the following issue: - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400...

SUSE-SU-2026:20666-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2025-14876: Fixed unbounded allocation in virtio-crypto. bsc1255400 - CVE-2026-0665: Fixed PIRQ bounds check in xenphysdevmappirq. bsc1256484...

SUSE-SU-2026:20716-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2025-14876: Fixed unbounded allocation in virtio-crypto. bsc1255400 - CVE-2026-0665: Fixed PIRQ bounds check in xenphysdevmappirq. bsc1256484...

SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2026:0832-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0832-1 advisory. Security issue: - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. Non security issues: -...

TencentOS Server 4: qemu (TSSA-2026:0110)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0110 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : QEMU vulnerabilities (USN-8073-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8073-1 advisory. It was discovered that the UHCI controller implementation of QEMU could be brought into an invalid state. An attacker inside the gues...