[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2025:21233-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":18,"duplicates":19,"related":20,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":64,"epss":9,"epss_history":65,"metrics":66,"affected":67},"SUSE-SU-2025:21233-1","Security update for qemu\n\nThis update for qemu fixes the following issues:\n\nUpdate to version 10.0.7.\n\nSecurity issues fixed:\n\n- CVE-2025-12464: stack-based buffer overflow in the e1000 network device operations can be exploited by a malicious\n  guest user to crash the QEMU process on the host (bsc#1253002).\n- CVE-2025-11234: use-after-free in WebSocket handshake operations can be exploited by a malicious client with network\n  access to the VNC WebSocket port to cause a denial-of-service (bsc#1250984).\n\nOther updates and bugfixes:\n\n- Version 10.0.7:\n  * kvm: Fix kvm_vm_ioctl() and kvm_device_ioctl() return value\n  * docs/devel: Update URL for make-pullreq script\n  * target/arm: Fix assert on BRA.\n  * hw/aspeed/{xdma, rtc, sdhci}: Fix endianness to DEVICE_LITTLE_ENDIAN\n  * hw/core/machine: Provide a description for aux-ram-share property\n  * hw/pci: Make msix_init take a uint32_t for nentries\n  * block/io_uring: avoid potentially getting stuck after resubmit at the end of ioq_submit()\n  * block-backend: Fix race when resuming queued requests\n  * ui/vnc: Fix qemu abort when query vnc info\n  * chardev/char-pty: Do not ignore chr_write() failures\n  * hw/display/exynos4210_fimd: Account for zero length in fimd_update_memory_section()\n  * hw/arm/armv7m: Disable reentrancy guard for v7m_sysreg_ns_ops MRs\n  * hw/arm/aspeed: Fix missing SPI IRQ connection causing DMA interrupt failure\n  * migration: Fix transition to COLO state from precopy\n  * Full 
backport list: https://lore.kernel.org/qemu-devel/1765037524.347582.2700543.nullmailer@tls.msk.ru/\n\n- Version 10.0.6:\n  * linux-user/microblaze: Fix little-endianness binary\n  * target/hppa: correct size bit parity for fmpyadd\n  * target/i386: user: do not set up a valid LDT on reset\n  * async: access bottom half flags with qatomic_read\n  * target/i386: fix x86_64 pushw op\n  * i386/tcg/smm_helper: Properly apply DR values on SMM entry / exit\n  * i386/cpu: Prevent delivering SIPI during SMM in TCG mode\n  * i386/kvm: Expose ARCH_CAP_FB_CLEAR when invulnerable to MDS\n  * target/i386: Fix CR2 handling for non-canonical addresses\n  * block/curl.c: Use explicit long constants in curl_easy_setopt calls\n  * pcie_sriov: Fix broken MMIO accesses from SR-IOV VFs\n  * target/riscv: rvv: Fix vslide1[up|down].vx unexpected result when XLEN=32 and SEW=64\n  * target/riscv: Fix ssamoswap error handling\n  * Full backport list: https://lore.kernel.org/qemu-devel/1761022287.744330.6357.nullmailer@tls.msk.ru/\n\n- Version 10.0.5:\n  * tests/functional/test_aarch64_sbsaref_freebsd: Fix the URL of the ISO image\n  * tests/functional/test_ppc_bamboo: Replace broken link with working assets\n  * physmem: Destroy all CPU AddressSpaces on unrealize\n  * memory: New AS helper to serialize destroy+free\n  * include/system/memory.h: Clarify address_space_destroy() behaviour\n  * migration: Fix state transition in postcopy_start() error handling\n  * target/riscv: rvv: Modify minimum VLEN according to enabled vector extensions\n  * target/riscv: rvv: Replace checking V by checking Zve32x\n  * target/riscv: Fix endianness swap on compressed instructions\n  * hw/riscv/riscv-iommu: Fixup PDT Nested Walk\n  * Full backport list: https://lore.kernel.org/qemu-devel/1759986125.676506.643525.nullmailer@tls.msk.ru/\n\n- [openSUSE][RPM]: really fix *-virtio-gpu-pci dependency on ARM (bsc#1254286).\n- [openSUSE][RPM] spec: make glusterfs support conditional 
(bsc#1254494).\n",null,[],[],[],[14,16],{"_key":15},"CVE-2025-11234",{"_key":17},"CVE-2025-12464",[],[],[21,22],{"_key":15},{"_key":17},"2025-12-18T12:38:54Z","2026-03-23T04:50:20.470651Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28,34,39,43,47,51,55,60],{"url":29,"sources":30,"tags":32},"https://www.suse.com/support/update/announcement/2025/suse-su-202521233-1/",[31],"osv_suse",[33],"Advisory",{"url":35,"sources":36,"tags":37},"https://bugzilla.suse.com/1230042",[31],[38],"REPORT",{"url":40,"sources":41,"tags":42},"https://bugzilla.suse.com/1250984",[31],[38],{"url":44,"sources":45,"tags":46},"https://bugzilla.suse.com/1253002",[31],[38],{"url":48,"sources":49,"tags":50},"https://bugzilla.suse.com/1254286",[31],[38],{"url":52,"sources":53,"tags":54},"https://bugzilla.suse.com/1254494",[31],[38],{"url":56,"sources":57,"tags":58},"https://www.suse.com/security/cve/CVE-2025-11234",[31],[59],"WEB",{"url":61,"sources":62,"tags":63},"https://www.suse.com/security/cve/CVE-2025-12464",[31],[59],[],[],[],[68,81,85,90],{"ecosystem":69,"name":70,"vendor":71,"product":72,"cpe_part":9,"purl_type":73,"purl_namespace":71,"purl_name":72,"source":9,"versions":74},"SUSE Linux Enterprise","qemu-linux-user","suse","qemu-linux-user&distro=SUSE Linux Enterprise Server 16.0","rpm",[75],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},"lt10_0_7_160000_1_1",true,"ecosystem","10.0.7-160000.1.1","excluding",{"ecosystem":69,"name":70,"vendor":71,"product":82,"cpe_part":9,"purl_type":73,"purl_namespace":71,"purl_name":82,"source":9,"versions":83},"qemu-linux-user&distro=SUSE Linux Enterprise Server for SAP applications 
16.0",[84],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":69,"name":86,"vendor":71,"product":87,"cpe_part":9,"purl_type":73,"purl_namespace":71,"purl_name":87,"source":9,"versions":88},"qemu","qemu&distro=SUSE Linux Enterprise Server 16.0",[89],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},{"ecosystem":69,"name":86,"vendor":71,"product":91,"cpe_part":9,"purl_type":73,"purl_namespace":71,"purl_name":91,"source":9,"versions":92},"qemu&distro=SUSE Linux Enterprise Server for SAP applications 16.0",[93],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9}]