Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-54567

Опубликовано: 25 июл. 2025
Источник: redhat
CVSS3: 4.2
EPSS Низкий

Описание

hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327.

A flaw was found in QEMU. The PCIE SR-IOV emulation within QEMU incorrectly handles write masks for the VF Enable bit. This vulnerability allows an attacker with adjacent network access to trigger unexpected behavior. Mishandling occurs due to a logic error in hw/pci/pcie_sriov.c. Exploitation involves crafting a malicious network packet that can result in a denial of service.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10qemu-kvmFix deferred
Red Hat Enterprise Linux 6qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvm-maNot affected
Red Hat Enterprise Linux 8virt-devel:rhel/qemu-kvmNot affected
Red Hat Enterprise Linux 8virt:rhel/qemu-kvmNot affected
Red Hat Enterprise Linux 8 Advanced Virtualizationvirt:8.2/qemu-kvmNot affected
Red Hat Enterprise Linux 8 Advanced Virtualizationvirt:av/qemu-kvmNot affected
Red Hat Enterprise Linux 8 Advanced Virtualizationvirt-devel:8.2/qemu-kvmNot affected
Red Hat Enterprise Linux 9qemu-kvmNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-684
https://bugzilla.redhat.com/show_bug.cgi?id=2383340qemu-kvm: QEMU SR-IOV Enable Mask Vulnerability

EPSS

Процентиль: 0%
0.00008
Низкий

4.2 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-54567

CVSS3: 4.2
ubuntu
3 месяца назад

hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327.

nvd логотип

CVE-2025-54567

CVSS3: 4.2
nvd
3 месяца назад

hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327.

msrc логотип

CVE-2025-54567

msrc
2 месяца назад

hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327.

debian логотип

CVE-2025-54567

CVSS3: 4.2
debian
3 месяца назад

hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bi ...

github логотип

GHSA-c2q6-w8rj-wvhw

CVSS3: 4.2
github
3 месяца назад

hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327.

EPSS

Процентиль: 0%
0.00008
Низкий

4.2 Medium

CVSS3