Описание
Security update for qemu
This update for qemu fixes the following issues:
- CVE-2023-1544: pvrdma: out-of-bounds read in pvrdma_ring_next_elem_read() (bsc#1209554).
- CVE-2025-11234: qemu-kvm: use-after-free in websocket handshake code can lead to denial of service (bsc#1250984).
- CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a 12-byte information leak when processing specially crafted VMDK files (bsc#1258509).
Список пакетов
SUSE Linux Enterprise Server 12 SP5-LTSS
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
Ссылки
- Link for SUSE-SU-2026:2406-1
- E-Mail link for SUSE-SU-2026:2406-1
- SUSE Security Ratings
- SUSE Bug 1209554
- SUSE Bug 1250984
- SUSE Bug 1258509
- SUSE CVE CVE-2023-1544 page
- SUSE CVE CVE-2025-11234 page
- SUSE CVE CVE-2026-2243 page
Описание
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU.
Затронутые продукты
Ссылки
- CVE-2023-1544
- SUSE Bug 1209554
Описание
A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.
Затронутые продукты
Ссылки
- CVE-2025-11234
- SUSE Bug 1250984
Описание
A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of sensitive information or a denial of service condition (DoS).
Затронутые продукты
Ссылки
- CVE-2026-2243
- SUSE Bug 1258509