CNNVD-202509-3040 Information

CNNVD ID

CNNVD-202509-3040

Related CVE

CVE-2025-8860

• CNNVD Published: 2025-09-05

Description (Chinese)

QEMU（Quick Emulator）是法国法布里斯-贝拉（Fabrice Bellard）个人开发者的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU存在安全漏洞，该漏洞源于攻击者可通过uefi-vars绕过访问限制，可能导致敏感信息泄露。

Description (English)

QEMU (Quick Emulator) is a simulator software for the personal developers of Fabrice Bellard in France. The software is fast and cross-platform. QEMU had a security loophole, which stemmed from the fact that the attackers could circumvent access restrictions through efi-vars, which could lead to the disclosure of sensitive information.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-09-05

Last Modified

2026-02-24

References

https://bugzilla.redhat.com/show_bug.cgi?id=2387588 https://access.redhat.com/security/cve/CVE-2025-8860 https://vigilance.fr/vulnerability/QEMU-information-disclosure-via-uefi-vars-48139