Main Vulnerability Database SB2025122929

SB2025122929 - SUSE update for qemu

Published: December 29, 2025

Security Bulletin ID SB2025122929

Severity

Medium

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2025-11234)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in websocket handshake code in /io/channel-websock.c. A remote attacker with network access to the VNC WebSocket port can perform a denial of service during the WebSocket handshake prior to the VNC client authentication.

2) Stack-based buffer overflow (CVE-ID: CVE-2025-12464)

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to a boundary error within the e1000_receive_iov() function. A local user or malicious guest can send a short frame in loopback mode, trigger a stack-based buffer overflow and perform a denial of service attack.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2025/suse-su-202521230-1/

Vulnerable Software

SUSE Linux Micro: 6.2
qemu-s390x: before 10.0.7-160000.1.1
qemu-hw-s390x-virtio-gpu-ccw-debuginfo: before 10.0.7-160000.1.1
qemu-hw-s390x-virtio-gpu-ccw: before 10.0.7-160000.1.1
qemu-s390x-debuginfo: before 10.0.7-160000.1.1
qemu-ppc: before 10.0.7-160000.1.1
qemu-ppc-debuginfo: before 10.0.7-160000.1.1
qemu-arm: before 10.0.7-160000.1.1
qemu-arm-debuginfo: before 10.0.7-160000.1.1
qemu-vmsr-helper: before 10.0.7-160000.1.1
qemu-x86: before 10.0.7-160000.1.1
qemu-vmsr-helper-debuginfo: before 10.0.7-160000.1.1
qemu-x86-debuginfo: before 10.0.7-160000.1.1
qemu-lang: before 10.0.7-160000.1.1
qemu-vgabios: before 10.0.71.16.3_3_g3d33c746-160000.1.1
qemu-ipxe: before 10.0.7-160000.1.1
qemu-SLOF: before 10.0.7-160000.1.1
qemu-seabios: before 10.0.71.16.3_3_g3d33c746-160000.1.1
qemu-img-debuginfo: before 10.0.7-160000.1.1
qemu-hw-display-virtio-gpu-debuginfo: before 10.0.7-160000.1.1
qemu-tools-debuginfo: before 10.0.7-160000.1.1
qemu-block-iscsi: before 10.0.7-160000.1.1
qemu-hw-display-virtio-vga-debuginfo: before 10.0.7-160000.1.1
qemu-hw-usb-redirect-debuginfo: before 10.0.7-160000.1.1
qemu-ui-opengl: before 10.0.7-160000.1.1
qemu-img: before 10.0.7-160000.1.1
qemu-audio-spice-debuginfo: before 10.0.7-160000.1.1
qemu-hw-display-qxl: before 10.0.7-160000.1.1
qemu-ksm: before 10.0.7-160000.1.1
qemu-hw-display-qxl-debuginfo: before 10.0.7-160000.1.1
qemu: before 10.0.7-160000.1.1
qemu-pr-helper-debuginfo: before 10.0.7-160000.1.1
qemu-guest-agent: before 10.0.7-160000.1.1
qemu-hw-display-virtio-gpu-pci-debuginfo: before 10.0.7-160000.1.1
qemu-ui-opengl-debuginfo: before 10.0.7-160000.1.1
qemu-hw-display-virtio-gpu-pci: before 10.0.7-160000.1.1
qemu-ui-spice-core-debuginfo: before 10.0.7-160000.1.1
qemu-block-iscsi-debuginfo: before 10.0.7-160000.1.1
qemu-hw-usb-host-debuginfo: before 10.0.7-160000.1.1
qemu-hw-usb-redirect: before 10.0.7-160000.1.1
qemu-chardev-spice-debuginfo: before 10.0.7-160000.1.1
qemu-ui-spice-core: before 10.0.7-160000.1.1
qemu-pr-helper: before 10.0.7-160000.1.1
qemu-debuginfo: before 10.0.7-160000.1.1
qemu-block-ssh-debuginfo: before 10.0.7-160000.1.1
qemu-hw-display-virtio-vga: before 10.0.7-160000.1.1
qemu-debugsource: before 10.0.7-160000.1.1
qemu-audio-spice: before 10.0.7-160000.1.1
qemu-hw-usb-host: before 10.0.7-160000.1.1
qemu-guest-agent-debuginfo: before 10.0.7-160000.1.1
qemu-hw-display-virtio-gpu: before 10.0.7-160000.1.1
qemu-tools: before 10.0.7-160000.1.1
qemu-block-ssh: before 10.0.7-160000.1.1
qemu-chardev-spice: before 10.0.7-160000.1.1