vulnerability
Ubuntu: USN-8161-1 (CVE-2024-6519): QEMU vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:M/C:C/I:C/A:C) | Oct 21, 2024 | Jun 26, 2025 | Apr 14, 2026 |
Severity
7
CVSS
(AV:L/AC:L/Au:M/C:C/I:C/A:C)
Published
Oct 21, 2024
Added
Jun 26, 2025
Modified
Apr 14, 2026
Description
A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape.
Solutions
ubuntu-upgrade-qemuubuntu-upgrade-qemu-systemubuntu-upgrade-qemu-system-armubuntu-upgrade-qemu-system-commonubuntu-upgrade-qemu-system-dataubuntu-upgrade-qemu-system-guiubuntu-upgrade-qemu-system-mipsubuntu-upgrade-qemu-system-miscubuntu-upgrade-qemu-system-modules-openglubuntu-upgrade-qemu-system-modules-spiceubuntu-upgrade-qemu-system-ppcubuntu-upgrade-qemu-system-riscvubuntu-upgrade-qemu-system-s390xubuntu-upgrade-qemu-system-sparcubuntu-upgrade-qemu-system-x86ubuntu-upgrade-qemu-system-x86-microvmubuntu-upgrade-qemu-system-x86-xenubuntu-upgrade-qemu-system-xen
References
- CVE-2024-6519
- https://attackerkb.com/topics/CVE-2024-6519
- CWE-416
- EUVD-EUVD-2024-47600
- UBUNTU-USN-8161-1
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-47600
- https://ubuntu.com/security/notices/USN-8161-1
- https://www.cve.org/CVERecord?id=CVE-2024-6519
- https://www.zerodayinitiative.com/advisories/ZDI-24-1382/
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.