CNNVD-202510-531 Information

CNNVD ID

CNNVD-202510-531

Related CVE

CVE-2025-11234

• CNNVD Published: 2025-10-03

Description (Chinese)

QEMU（Quick Emulator）是法国法布里斯-贝拉（Fabrice Bellard）个人开发者的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU存在安全漏洞，该漏洞源于QIOChannelWebsock对象在等待完成握手时被释放，可能导致释放后重用和拒绝服务攻击。

Description (English)

QEMU (Quick Emulator) is a simulator software for the personal developers of Fabrice Bellard in France. The software is fast and cross-platform. QEMU has a security loophole, which stems from the release of QIOchannel Websock ’ s target while waiting for the handshake to be completed, which could lead to re-use and denial of service attacks after release.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-03

Last Modified

2026-02-24

References

https://bugzilla.redhat.com/show_bug.cgi?id=2401209 https://access.redhat.com/security/cve/CVE-2025-11234 https://vigilance.fr/vulnerability/QEMU-use-after-free-via-QIOChannelWebsock-48382

Patch

https://logback.qos.ch/