ELSA-2026-1831

Published: 04 Feb 2026
Source: oracle-oval
Platform: Oracle Linux 10

Description

ELSA-2026-1831: qemu-kvm security update (MODERATE)

[10.0.0-14.el10_1.5]

  • kvm-Revert-i386-cpu-Move-adjustment-of-CPUID_EXT_PDCM-be.patch [RHEL-135453]
  • Resolves: RHEL-135453 (Live migration after workload update fails with operation failed: guest CPU doesn't match specification: missing features: pdcm [rhel-10.1.z])

[10.0.0-14.el10_1.4]

  • kvm-file-posix-Handle-suspended-dm-multipath-better-for-.patch [RHEL-133521]
  • kvm-block-backend-Fix-race-when-resuming-queued-requests.patch [RHEL-133527]
  • Resolves: RHEL-133521 (The VM hit io error when do S3-PR integration on the pass-through failover multipath device [rhel-10.1.z])
  • Resolves: RHEL-133527 (Assertion failure on drain with iothread and I/O load [rhel-10.1.z])

[10.0.0-14.el10_1.3]

  • kvm-ram-block-attributes-fix-interaction-with-hugetlb-me.patch [RHEL-129549]
  • kvm-ram-block-attributes-Unify-the-retrieval-of-the-bloc.patch [RHEL-129549]
  • Resolves: RHEL-129549 ([RHEL 10]snp guest fail to boot with hugepage [rhel-10.1.z])

[10.0.0-14.el10_1.2]

  • kvm-io-move-websock-resource-release-to-close-method.patch [RHEL-120118]
  • kvm-io-fix-use-after-free-in-websocket-handshake-code.patch [RHEL-120118]
  • Resolves: RHEL-120118 (CVE-2025-11234 qemu-kvm: VNC WebSocket handshake use-after-free [rhel-10.1.z])

[10.0.0-14.el10_1.1]

  • kvm-arm-kvm-report-registers-we-failed-to-set.patch [RHEL-120074]
  • Resolves: RHEL-120074 ([rhel10] Backport 'arm/kvm: report registers we failed to set' [rhel-10.1.z])

Updated packages

Oracle Linux 10

Oracle Linux aarch64

  • qemu-guest-agent: 10.0.0-14.el10_1.5
  • qemu-img: 10.0.0-14.el10_1.5
  • qemu-kvm: 10.0.0-14.el10_1.5
  • qemu-kvm-audio-pa: 10.0.0-14.el10_1.5
  • qemu-kvm-block-blkio: 10.0.0-14.el10_1.5
  • qemu-kvm-block-curl: 10.0.0-14.el10_1.5
  • qemu-kvm-block-rbd: 10.0.0-14.el10_1.5
  • qemu-kvm-common: 10.0.0-14.el10_1.5
  • qemu-kvm-core: 10.0.0-14.el10_1.5
  • qemu-kvm-device-display-virtio-gpu: 10.0.0-14.el10_1.5
  • qemu-kvm-device-display-virtio-gpu-pci: 10.0.0-14.el10_1.5
  • qemu-kvm-device-usb-host: 10.0.0-14.el10_1.5
  • qemu-kvm-device-usb-redirect: 10.0.0-14.el10_1.5
  • qemu-kvm-docs: 10.0.0-14.el10_1.5
  • qemu-kvm-tools: 10.0.0-14.el10_1.5
  • qemu-pr-helper: 10.0.0-14.el10_1.5

Oracle Linux x86_64

  • qemu-guest-agent: 10.0.0-14.el10_1.5
  • qemu-img: 10.0.0-14.el10_1.5
  • qemu-kvm: 10.0.0-14.el10_1.5
  • qemu-kvm-audio-pa: 10.0.0-14.el10_1.5
  • qemu-kvm-block-blkio: 10.0.0-14.el10_1.5
  • qemu-kvm-block-curl: 10.0.0-14.el10_1.5
  • qemu-kvm-block-rbd: 10.0.0-14.el10_1.5
  • qemu-kvm-common: 10.0.0-14.el10_1.5
  • qemu-kvm-core: 10.0.0-14.el10_1.5
  • qemu-kvm-device-display-virtio-gpu: 10.0.0-14.el10_1.5
  • qemu-kvm-device-display-virtio-gpu-pci: 10.0.0-14.el10_1.5
  • qemu-kvm-device-display-virtio-vga: 10.0.0-14.el10_1.5
  • qemu-kvm-device-usb-host: 10.0.0-14.el10_1.5
  • qemu-kvm-device-usb-redirect: 10.0.0-14.el10_1.5
  • qemu-kvm-docs: 10.0.0-14.el10_1.5
  • qemu-kvm-tools: 10.0.0-14.el10_1.5
  • qemu-kvm-ui-egl-headless: 10.0.0-14.el10_1.5
  • qemu-kvm-ui-opengl: 10.0.0-14.el10_1.5
  • qemu-pr-helper: 10.0.0-14.el10_1.5

Related CVEs

Related vulnerabilities

CVSS3: 7.5
ubuntu
4 months ago

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.

CVSS3: 7.5
nvd
4 months ago

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.

CVSS3: 7.5
msrc
4 months ago

Qemu-kvm: vnc websocket handshake use-after-free

CVSS3: 7.5
debian
4 months ago

A flaw was found in QEMU. If the QIOChannelWebsock object is freed whi ...

CVSS3: 7.5
github
4 months ago

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.