SUSE-SU-2026:0436-1

Опубликовано: 11 фев. 2026

Источник: suse-cvrf

Описание

Security update for qemu

This update for qemu fixes the following issues:

CVE-2025-11234: Fixed use-after-free in websocket handshake code can lead to denial of service (bsc#1250984).

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

qemu-6.2.0-150400.37.49.1

qemu-accel-tcg-x86-6.2.0-150400.37.49.1

qemu-arm-6.2.0-150400.37.49.1

qemu-audio-alsa-6.2.0-150400.37.49.1

qemu-audio-pa-6.2.0-150400.37.49.1

qemu-audio-spice-6.2.0-150400.37.49.1

qemu-block-curl-6.2.0-150400.37.49.1

qemu-block-iscsi-6.2.0-150400.37.49.1

qemu-block-rbd-6.2.0-150400.37.49.1

qemu-block-ssh-6.2.0-150400.37.49.1

qemu-chardev-baum-6.2.0-150400.37.49.1

qemu-chardev-spice-6.2.0-150400.37.49.1

qemu-guest-agent-6.2.0-150400.37.49.1

qemu-hw-display-qxl-6.2.0-150400.37.49.1

qemu-hw-display-virtio-gpu-6.2.0-150400.37.49.1

qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.49.1

qemu-hw-display-virtio-vga-6.2.0-150400.37.49.1

qemu-hw-usb-host-6.2.0-150400.37.49.1

qemu-hw-usb-redirect-6.2.0-150400.37.49.1

qemu-ipxe-1.0.0+-150400.37.49.1

qemu-ksm-6.2.0-150400.37.49.1

qemu-kvm-6.2.0-150400.37.49.1

qemu-lang-6.2.0-150400.37.49.1

qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.49.1

qemu-sgabios-8-150400.37.49.1

qemu-tools-6.2.0-150400.37.49.1

qemu-ui-curses-6.2.0-150400.37.49.1

qemu-ui-gtk-6.2.0-150400.37.49.1

qemu-ui-opengl-6.2.0-150400.37.49.1

qemu-ui-spice-app-6.2.0-150400.37.49.1

qemu-ui-spice-core-6.2.0-150400.37.49.1

qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.49.1

qemu-x86-6.2.0-150400.37.49.1

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

qemu-6.2.0-150400.37.49.1

qemu-accel-tcg-x86-6.2.0-150400.37.49.1

qemu-arm-6.2.0-150400.37.49.1

qemu-audio-alsa-6.2.0-150400.37.49.1

qemu-audio-pa-6.2.0-150400.37.49.1

qemu-audio-spice-6.2.0-150400.37.49.1

qemu-block-curl-6.2.0-150400.37.49.1

qemu-block-iscsi-6.2.0-150400.37.49.1

qemu-block-rbd-6.2.0-150400.37.49.1

qemu-block-ssh-6.2.0-150400.37.49.1

qemu-chardev-baum-6.2.0-150400.37.49.1

qemu-chardev-spice-6.2.0-150400.37.49.1

qemu-guest-agent-6.2.0-150400.37.49.1

qemu-hw-display-qxl-6.2.0-150400.37.49.1

qemu-hw-display-virtio-gpu-6.2.0-150400.37.49.1

qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.49.1

qemu-hw-display-virtio-vga-6.2.0-150400.37.49.1

qemu-hw-usb-host-6.2.0-150400.37.49.1

qemu-hw-usb-redirect-6.2.0-150400.37.49.1

qemu-ipxe-1.0.0+-150400.37.49.1

qemu-ksm-6.2.0-150400.37.49.1

qemu-kvm-6.2.0-150400.37.49.1

qemu-lang-6.2.0-150400.37.49.1

qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.49.1

qemu-sgabios-8-150400.37.49.1

qemu-tools-6.2.0-150400.37.49.1

qemu-ui-curses-6.2.0-150400.37.49.1

qemu-ui-gtk-6.2.0-150400.37.49.1

qemu-ui-opengl-6.2.0-150400.37.49.1

qemu-ui-spice-app-6.2.0-150400.37.49.1

qemu-ui-spice-core-6.2.0-150400.37.49.1

qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.49.1

qemu-x86-6.2.0-150400.37.49.1

SUSE Linux Enterprise Micro 5.3

qemu-6.2.0-150400.37.49.1

qemu-accel-tcg-x86-6.2.0-150400.37.49.1

qemu-arm-6.2.0-150400.37.49.1

qemu-audio-spice-6.2.0-150400.37.49.1

qemu-chardev-spice-6.2.0-150400.37.49.1

qemu-guest-agent-6.2.0-150400.37.49.1

qemu-hw-display-qxl-6.2.0-150400.37.49.1

qemu-hw-display-virtio-gpu-6.2.0-150400.37.49.1

qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.49.1

qemu-hw-display-virtio-vga-6.2.0-150400.37.49.1

qemu-hw-usb-redirect-6.2.0-150400.37.49.1

qemu-ipxe-1.0.0+-150400.37.49.1

qemu-s390x-6.2.0-150400.37.49.1

qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.49.1

qemu-sgabios-8-150400.37.49.1

qemu-tools-6.2.0-150400.37.49.1

qemu-ui-opengl-6.2.0-150400.37.49.1

qemu-ui-spice-core-6.2.0-150400.37.49.1

qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.49.1

qemu-x86-6.2.0-150400.37.49.1

SUSE Linux Enterprise Micro 5.4

qemu-6.2.0-150400.37.49.1

qemu-accel-tcg-x86-6.2.0-150400.37.49.1

qemu-arm-6.2.0-150400.37.49.1

qemu-audio-spice-6.2.0-150400.37.49.1

qemu-chardev-spice-6.2.0-150400.37.49.1

qemu-guest-agent-6.2.0-150400.37.49.1

qemu-hw-display-qxl-6.2.0-150400.37.49.1

qemu-hw-display-virtio-gpu-6.2.0-150400.37.49.1

qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.49.1

qemu-hw-display-virtio-vga-6.2.0-150400.37.49.1

qemu-hw-usb-redirect-6.2.0-150400.37.49.1

qemu-ipxe-1.0.0+-150400.37.49.1

qemu-s390x-6.2.0-150400.37.49.1

qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.49.1

qemu-sgabios-8-150400.37.49.1

qemu-tools-6.2.0-150400.37.49.1

qemu-ui-opengl-6.2.0-150400.37.49.1

qemu-ui-spice-core-6.2.0-150400.37.49.1

qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.49.1

qemu-x86-6.2.0-150400.37.49.1

SUSE Linux Enterprise Server 15 SP4-LTSS

qemu-6.2.0-150400.37.49.1

qemu-SLOF-6.2.0-150400.37.49.1

qemu-accel-tcg-x86-6.2.0-150400.37.49.1

qemu-arm-6.2.0-150400.37.49.1

qemu-audio-alsa-6.2.0-150400.37.49.1

qemu-audio-pa-6.2.0-150400.37.49.1

qemu-audio-spice-6.2.0-150400.37.49.1

qemu-block-curl-6.2.0-150400.37.49.1

qemu-block-iscsi-6.2.0-150400.37.49.1

qemu-block-rbd-6.2.0-150400.37.49.1

qemu-block-ssh-6.2.0-150400.37.49.1

qemu-chardev-baum-6.2.0-150400.37.49.1

qemu-chardev-spice-6.2.0-150400.37.49.1

qemu-guest-agent-6.2.0-150400.37.49.1

qemu-hw-display-qxl-6.2.0-150400.37.49.1

qemu-hw-display-virtio-gpu-6.2.0-150400.37.49.1

qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.49.1

qemu-hw-display-virtio-vga-6.2.0-150400.37.49.1

qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.49.1

qemu-hw-usb-host-6.2.0-150400.37.49.1

qemu-hw-usb-redirect-6.2.0-150400.37.49.1

qemu-ipxe-1.0.0+-150400.37.49.1

qemu-ksm-6.2.0-150400.37.49.1

qemu-kvm-6.2.0-150400.37.49.1

qemu-lang-6.2.0-150400.37.49.1

qemu-ppc-6.2.0-150400.37.49.1

qemu-s390x-6.2.0-150400.37.49.1

qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.49.1

qemu-sgabios-8-150400.37.49.1

qemu-skiboot-6.2.0-150400.37.49.1

qemu-tools-6.2.0-150400.37.49.1

qemu-ui-curses-6.2.0-150400.37.49.1

qemu-ui-gtk-6.2.0-150400.37.49.1

qemu-ui-opengl-6.2.0-150400.37.49.1

qemu-ui-spice-app-6.2.0-150400.37.49.1

qemu-ui-spice-core-6.2.0-150400.37.49.1

qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.49.1

qemu-x86-6.2.0-150400.37.49.1

SUSE Linux Enterprise Server for SAP Applications 15 SP4

qemu-6.2.0-150400.37.49.1

qemu-SLOF-6.2.0-150400.37.49.1

qemu-accel-tcg-x86-6.2.0-150400.37.49.1

qemu-audio-alsa-6.2.0-150400.37.49.1

qemu-audio-pa-6.2.0-150400.37.49.1

qemu-audio-spice-6.2.0-150400.37.49.1

qemu-block-curl-6.2.0-150400.37.49.1

qemu-block-iscsi-6.2.0-150400.37.49.1

qemu-block-rbd-6.2.0-150400.37.49.1

qemu-block-ssh-6.2.0-150400.37.49.1

qemu-chardev-baum-6.2.0-150400.37.49.1

qemu-chardev-spice-6.2.0-150400.37.49.1

qemu-guest-agent-6.2.0-150400.37.49.1

qemu-hw-display-qxl-6.2.0-150400.37.49.1

qemu-hw-display-virtio-gpu-6.2.0-150400.37.49.1

qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.49.1

qemu-hw-display-virtio-vga-6.2.0-150400.37.49.1

qemu-hw-usb-host-6.2.0-150400.37.49.1

qemu-hw-usb-redirect-6.2.0-150400.37.49.1

qemu-ipxe-1.0.0+-150400.37.49.1

qemu-ksm-6.2.0-150400.37.49.1

qemu-kvm-6.2.0-150400.37.49.1

qemu-lang-6.2.0-150400.37.49.1

qemu-ppc-6.2.0-150400.37.49.1

qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.49.1

qemu-sgabios-8-150400.37.49.1

qemu-skiboot-6.2.0-150400.37.49.1

qemu-tools-6.2.0-150400.37.49.1

qemu-ui-curses-6.2.0-150400.37.49.1

qemu-ui-gtk-6.2.0-150400.37.49.1

qemu-ui-opengl-6.2.0-150400.37.49.1

qemu-ui-spice-app-6.2.0-150400.37.49.1

qemu-ui-spice-core-6.2.0-150400.37.49.1

qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.49.1

qemu-x86-6.2.0-150400.37.49.1

Ссылки

https://www.suse.com/support/update/announcement/2026/suse-su-20260436-1/
Link for SUSE-SU-2026:0436-1
https://lists.suse.com/pipermail/sle-security-updates/2026-February/024112.html
E-Mail link for SUSE-SU-2026:0436-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1250984
SUSE Bug 1250984
https://www.suse.com/security/cve/CVE-2025-11234/
SUSE CVE CVE-2025-11234 page

Описание

A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.

Затронутые продукты

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:qemu-6.2.0-150400.37.49.1

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:qemu-accel-tcg-x86-6.2.0-150400.37.49.1

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:qemu-arm-6.2.0-150400.37.49.1

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:qemu-audio-alsa-6.2.0-150400.37.49.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-11234.html
CVE-2025-11234
https://bugzilla.suse.com/1250984
SUSE Bug 1250984

SUSE-SU-2026:0436-1

Описание

Список пакетов

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

SUSE Linux Enterprise Micro 5.3

SUSE Linux Enterprise Micro 5.4

SUSE Linux Enterprise Server 15 SP4-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP4

Ссылки

Уязвимость: CVE-2025-11234

Описание

Затронутые продукты

Ссылки