vulnerability
Red Hat: CVE-2025-11234: qemu-kvm: VNC WebSocket handshake use-after-free (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Sep 30, 2025 | Dec 18, 2025 | Feb 9, 2026 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Sep 30, 2025
Added
Dec 18, 2025
Modified
Feb 9, 2026
Description
A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and triggering a use-after-free in the use of the channel. This can be abused by a malicious client with network access to the VNC WebSocket port to cause a denial of service during the WebSocket handshake prior to the VNC client authentication.
Solutions
redhat-upgrade-qemu-guest-agentredhat-upgrade-qemu-guest-agent-debuginforedhat-upgrade-qemu-imgredhat-upgrade-qemu-img-debuginforedhat-upgrade-qemu-kvmredhat-upgrade-qemu-kvm-audio-dbus-debuginforedhat-upgrade-qemu-kvm-audio-paredhat-upgrade-qemu-kvm-audio-pa-debuginforedhat-upgrade-qemu-kvm-block-blkioredhat-upgrade-qemu-kvm-block-blkio-debuginforedhat-upgrade-qemu-kvm-block-curlredhat-upgrade-qemu-kvm-block-curl-debuginforedhat-upgrade-qemu-kvm-block-rbdredhat-upgrade-qemu-kvm-block-rbd-debuginforedhat-upgrade-qemu-kvm-commonredhat-upgrade-qemu-kvm-common-debuginforedhat-upgrade-qemu-kvm-coreredhat-upgrade-qemu-kvm-core-debuginforedhat-upgrade-qemu-kvm-debuginforedhat-upgrade-qemu-kvm-debugsourceredhat-upgrade-qemu-kvm-device-display-virtio-gpuredhat-upgrade-qemu-kvm-device-display-virtio-gpu-ccwredhat-upgrade-qemu-kvm-device-display-virtio-gpu-ccw-debuginforedhat-upgrade-qemu-kvm-device-display-virtio-gpu-debuginforedhat-upgrade-qemu-kvm-device-display-virtio-gpu-pciredhat-upgrade-qemu-kvm-device-display-virtio-gpu-pci-debuginforedhat-upgrade-qemu-kvm-device-display-virtio-vgaredhat-upgrade-qemu-kvm-device-display-virtio-vga-debuginforedhat-upgrade-qemu-kvm-device-usb-hostredhat-upgrade-qemu-kvm-device-usb-host-debuginforedhat-upgrade-qemu-kvm-device-usb-redirectredhat-upgrade-qemu-kvm-device-usb-redirect-debuginforedhat-upgrade-qemu-kvm-docsredhat-upgrade-qemu-kvm-tests-debuginforedhat-upgrade-qemu-kvm-toolsredhat-upgrade-qemu-kvm-tools-debuginforedhat-upgrade-qemu-kvm-ui-dbus-debuginforedhat-upgrade-qemu-kvm-ui-egl-headlessredhat-upgrade-qemu-kvm-ui-egl-headless-debuginforedhat-upgrade-qemu-kvm-ui-openglredhat-upgrade-qemu-kvm-ui-opengl-debuginforedhat-upgrade-qemu-pr-helperredhat-upgrade-qemu-pr-helper-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.