SUSE QEMU Denial of Service Vulnerabilities Addressed

SUSE QEMU Denial of Service Vulnerabilities Addressed

First seen 27 Jan 2026, 01:44 UTC Linuxsecurity 87% similarity 28.9

Article Content

Browse articles
ThreatCluster

SUSE has released an update for QEMU addressing two significant vulnerabilities. The first, CVE-2025-12464, involves a stack-based buffer overflow in the e1000 network device, allowing a malicious guest user to crash the QEMU process. The second, CVE-2025-11234, is a use-after-free vulnerability in WebSocket handshake operations that can be exploited by a malicious client to cause a denial-of-service.

ThreatCluster AI

Community

Browse all →