[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2025:20171-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":18,"duplicates":19,"related":20,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":59,"epss":9,"epss_history":60,"metrics":61,"affected":62},"OPENSUSE-SU-2025:20171-1","Security update for qemu\n\nThis update for qemu fixes the following issues:\n\nUpdate to version 10.0.7.\n\nSecurity issues fixed:\n\n- CVE-2025-12464: stack-based buffer overflow in the e1000 network device operations can be exploited by a malicious\n  guest user to crash the QEMU process on the host (bsc#1253002).\n- CVE-2025-11234: use-after-free in WebSocket handshake operations can be exploited by a malicious client with network\n  access to the VNC WebSocket port to cause a denial-of-service (bsc#1250984).\n\nOther updates and bugfixes:\n\n- Version 10.0.7:\n  * kvm: Fix kvm_vm_ioctl() and kvm_device_ioctl() return value\n  * docs/devel: Update URL for make-pullreq script\n  * target/arm: Fix assert on BRA.\n  * hw/aspeed/{xdma, rtc, sdhci}: Fix endianness to DEVICE_LITTLE_ENDIAN\n  * hw/core/machine: Provide a description for aux-ram-share property\n  * hw/pci: Make msix_init take a uint32_t for nentries\n  * block/io_uring: avoid potentially getting stuck after resubmit at the end of ioq_submit()\n  * block-backend: Fix race when resuming queued requests\n  * ui/vnc: Fix qemu abort when query vnc info\n  * chardev/char-pty: Do not ignore chr_write() failures\n  * hw/display/exynos4210_fimd: Account for zero length in fimd_update_memory_section()\n  * hw/arm/armv7m: Disable reentrancy guard for v7m_sysreg_ns_ops MRs\n  * hw/arm/aspeed: Fix missing SPI IRQ connection causing DMA interrupt failure\n  * migration: Fix transition to COLO state from precopy\n  
* Full backport list: https://lore.kernel.org/qemu-devel/1765037524.347582.2700543.nullmailer@tls.msk.ru/\n\n- Version 10.0.6:\n  * linux-user/microblaze: Fix little-endianness binary\n  * target/hppa: correct size bit parity for fmpyadd\n  * target/i386: user: do not set up a valid LDT on reset\n  * async: access bottom half flags with qatomic_read\n  * target/i386: fix x86_64 pushw op\n  * i386/tcg/smm_helper: Properly apply DR values on SMM entry / exit\n  * i386/cpu: Prevent delivering SIPI during SMM in TCG mode\n  * i386/kvm: Expose ARCH_CAP_FB_CLEAR when invulnerable to MDS\n  * target/i386: Fix CR2 handling for non-canonical addresses\n  * block/curl.c: Use explicit long constants in curl_easy_setopt calls\n  * pcie_sriov: Fix broken MMIO accesses from SR-IOV VFs\n  * target/riscv: rvv: Fix vslide1[up|down].vx unexpected result when XLEN=32 and SEW=64\n  * target/riscv: Fix ssamoswap error handling\n  * Full backport list: https://lore.kernel.org/qemu-devel/1761022287.744330.6357.nullmailer@tls.msk.ru/\n\n- Version 10.0.5:\n  * tests/functional/test_aarch64_sbsaref_freebsd: Fix the URL of the ISO image\n  * tests/functional/test_ppc_bamboo: Replace broken link with working assets\n  * physmem: Destroy all CPU AddressSpaces on unrealize\n  * memory: New AS helper to serialize destroy+free\n  * include/system/memory.h: Clarify address_space_destroy() behaviour\n  * migration: Fix state transition in postcopy_start() error handling\n  * target/riscv: rvv: Modify minimum VLEN according to enabled vector extensions\n  * target/riscv: rvv: Replace checking V by checking Zve32x\n  * target/riscv: Fix endianness swap on compressed instructions\n  * hw/riscv/riscv-iommu: Fixup PDT Nested Walk\n  * Full backport list: https://lore.kernel.org/qemu-devel/1759986125.676506.643525.nullmailer@tls.msk.ru/\n\n- [openSUSE][RPM]: really fix *-virtio-gpu-pci dependency on ARM (bsc#1254286).\n- [openSUSE][RPM] spec: make glusterfs support conditional 
(bsc#1254494).\n",null,[],[],[],[14,16],{"_key":15},"CVE-2025-11234",{"_key":17},"CVE-2025-12464",[],[],[21,22],{"_key":15},{"_key":17},"2025-12-18T12:42:03Z","2026-03-23T04:54:19.312735Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28,34,38,42,46,50,55],{"url":29,"sources":30,"tags":32},"https://bugzilla.suse.com/1230042",[31],"osv_opensuse",[33],"REPORT",{"url":35,"sources":36,"tags":37},"https://bugzilla.suse.com/1250984",[31],[33],{"url":39,"sources":40,"tags":41},"https://bugzilla.suse.com/1253002",[31],[33],{"url":43,"sources":44,"tags":45},"https://bugzilla.suse.com/1254286",[31],[33],{"url":47,"sources":48,"tags":49},"https://bugzilla.suse.com/1254494",[31],[33],{"url":51,"sources":52,"tags":53},"https://www.suse.com/security/cve/CVE-2025-11234",[31],[54],"WEB",{"url":56,"sources":57,"tags":58},"https://www.suse.com/security/cve/CVE-2025-12464",[31],[54],[],[],[],[63,76],{"ecosystem":64,"name":65,"vendor":66,"product":67,"cpe_part":9,"purl_type":68,"purl_namespace":66,"purl_name":67,"source":9,"versions":69},"openSUSE","qemu-linux-user","opensuse","qemu-linux-user&distro=openSUSE Leap 16.0","rpm",[70],{"version":71,"is_range":72,"range_type":73,"version_start":9,"version_start_type":9,"version_end":74,"version_end_type":75,"fixed_in":9},"lt10_0_7_160000_1_1",true,"ecosystem","10.0.7-160000.1.1","excluding",{"ecosystem":64,"name":77,"vendor":66,"product":78,"cpe_part":9,"purl_type":68,"purl_namespace":66,"purl_name":78,"source":9,"versions":79},"qemu","qemu&distro=openSUSE Leap 16.0",[80],{"version":71,"is_range":72,"range_type":73,"version_start":9,"version_start_type":9,"version_end":74,"version_end_type":75,"fixed_in":9}]