QEMU uefi-vars Info Leak via Uninitialized Heap Buffer (CVE-2025-8860)

access.redhat.com 2026-02-25查看中文 →

Security AdvisoryCVE-2025-8860LowRed Hat

Affected:

Red Hat Enterprise Linux 10 (qemu-kvm)
Red Hat Enterprise Linux 6 (qemu-kvm)
Red Hat Enterprise Linux 7 (qemu-kvm, qemu-kvm-ma)
Red Hat Enterprise Linux 8 (virt:rhel/qemu-kvm, virt:8.2/qemu-kvm)
Red Hat Enterprise Linux 8 Advanced Virtualization (virt:av/qemu-kvm)

Referenced CVEs: CVE-2025-8860 · 3.3

文章内图片已隐藏以节省流量 · Upgrade to Pro to view images & offline archive

This content was auto-fetched from access.redhat.com, cleaned by our LLM pipeline, and translated to English. View original.

More from this source

RHSA-2026:13414: X.Org X Server & TigerVNC Vulnerabilities (DOS/UAF/Info Leak) 2026-05-11 RHSA-2026:14215 Corosync Vulnerability Advisory (CVE-2026-35091, CVE-2026-35092) 2026-05-10 Red Hat OpenShell oc debug Sensitive Information Disclosure Vulnerability (CVE-2024-21630) Advisory 2026-05-10 Red Hat Corosync Security Update: CVE-2026-35091 & CVE-2026-35092 (DoS/Info Leak) 2026-05-10 Red Hat Hardened Images gnutls Security Advisory RHSA-2026:13274 2026-05-10

Offline Archive

Offline screenshot & PDF are Pro-exclusive