Количество 15
Количество 15
BDU:2025-16063
Уязвимость эмулятора аппаратного обеспечения QEMU, связанная с использованием памяти после её освобождения, позволяющая нарушителю вызвать отказ в обслуживании
CVE-2025-11234
A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.
CVE-2025-11234
A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.
CVE-2025-11234
A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.
CVE-2025-11234
Qemu-kvm: vnc websocket handshake use-after-free
CVE-2025-11234
A flaw was found in QEMU. If the QIOChannelWebsock object is freed whi ...
SUSE-SU-2026:0436-1
Security update for qemu
RLSA-2026:1831
Moderate: qemu-kvm security update
GHSA-hm8v-8c3v-cxfq
A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.
ELSA-2026-1831
ELSA-2026-1831: qemu-kvm security update (MODERATE)
openSUSE-SU-2025:20171-1
Security update for qemu
SUSE-SU-2026:0288-1
Security update for qemu
SUSE-SU-2026:0022-1
Security update for qemu
ELSA-2026-50118
ELSA-2026-50118: virt:kvm_utils3 security update (MODERATE)
SUSE-SU-2026:0039-1
Security update for qemu
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2025-16063 Уязвимость эмулятора аппаратного обеспечения QEMU, связанная с использованием памяти после её освобождения, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-11234 A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication. | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-11234 A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication. | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-11234 A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication. | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-11234 Qemu-kvm: vnc websocket handshake use-after-free | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
| CVE-2025-11234 A flaw was found in QEMU. If the QIOChannelWebsock object is freed whi ... | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
 | SUSE-SU-2026:0436-1 Security update for qemu | 0% Низкий | около 2 месяцев назад | |
 | RLSA-2026:1831 Moderate: qemu-kvm security update | 0% Низкий | около 2 месяцев назад | |
| GHSA-hm8v-8c3v-cxfq A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication. | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
| ELSA-2026-1831 ELSA-2026-1831: qemu-kvm security update (MODERATE) | около 2 месяцев назад | ||
| openSUSE-SU-2025:20171-1 Security update for qemu | 3 месяца назад | ||
| SUSE-SU-2026:0288-1 Security update for qemu | 2 месяца назад | ||
| SUSE-SU-2026:0022-1 Security update for qemu | 3 месяца назад | ||
| ELSA-2026-50118 ELSA-2026-50118: virt:kvm_utils3 security update (MODERATE) | около 1 месяца назад | ||
| SUSE-SU-2026:0039-1 Security update for qemu | 3 месяца назад |
Уязвимостей на страницу