UBUNTU-CVE-2025-11234

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network acces...

SUSE: Security Advisory for qemu (SUSE-SU-2015:0896-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SuSE 11.3 Security Update : kvm (SAT Patch Number 10645)

This update for KVM fixes an issue in the virtio-blk driver which could result in incorrectly setting its WCE configuration. Under some circumstances, this misconfiguration could cause severe file system corruption, because cache flushes were not generated as they ought to have been. The update...

USN-2608-1: QEMU vulnerabilities

Jason Geffner discovered that QEMU incorrectly handled the virtual floppy driver. This issue is known as VENOM. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, wh...

Ubuntu 14.04 LTS : QEMU vulnerabilities (USN-2608-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2608-1 advisory. Jason Geffner discovered that QEMU incorrectly handled the virtual floppy driver. This issue is known as VENOM. A malicious guest could use this issue to...

SUSE-SU-2015:0896-1 Security update for qemu

qemu / kvm was updated to fix a security issue and some bugs. Security issue fixed: CVE-2015-3456: Fixed a buffer overflow in the floppy drive emulation, which could be used to denial of service attacks or potential code execution against the host. CVE-2015-1779: Fixed insufficient resource...