OESA-2026-2090

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-2090

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2026-2090.json

JSON Data

https://api.osv.dev/v1/vulns/OESA-2026-2090

Upstream

CVE-2026-2243

Published

2026-04-25T05:50:08Z

Modified

2026-04-25T06:04:26.935041Z

Summary

qemu security update

Details

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed.

Security Fix(es):

A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulnerability, potentially leading to a 12-byte leak of sensitive information or a denial of service condition (DoS).(CVE-2026-2243)

Database specific

{
    "severity": "Medium"
}

References

Affected packages

openEuler:22.03-LTS-SP4 / qemu

Package

Name: qemu
Purl: pkg:rpm/openEuler/qemu&distro=openEuler-22.03-LTS-SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.2.0-113.oe2203sp4

Ecosystem specific

{
    "src": [
        "qemu-6.2.0-113.oe2203sp4.src.rpm"
    ],
    "aarch64": [
        "qemu-6.2.0-113.oe2203sp4.aarch64.rpm",
        "qemu-block-curl-6.2.0-113.oe2203sp4.aarch64.rpm",
        "qemu-block-iscsi-6.2.0-113.oe2203sp4.aarch64.rpm",
        "qemu-block-rbd-6.2.0-113.oe2203sp4.aarch64.rpm",
        "qemu-block-ssh-6.2.0-113.oe2203sp4.aarch64.rpm",
        "qemu-debuginfo-6.2.0-113.oe2203sp4.aarch64.rpm",
        "qemu-debugsource-6.2.0-113.oe2203sp4.aarch64.rpm",
        "qemu-guest-agent-6.2.0-113.oe2203sp4.aarch64.rpm",
        "qemu-hw-usb-host-6.2.0-113.oe2203sp4.aarch64.rpm",
        "qemu-img-6.2.0-113.oe2203sp4.aarch64.rpm",
        "qemu-system-aarch64-6.2.0-113.oe2203sp4.aarch64.rpm",
        "qemu-system-arm-6.2.0-113.oe2203sp4.aarch64.rpm",
        "qemu-system-riscv-6.2.0-113.oe2203sp4.aarch64.rpm",
        "qemu-system-x86_64-6.2.0-113.oe2203sp4.aarch64.rpm"
    ],
    "x86_64": [
        "qemu-6.2.0-113.oe2203sp4.x86_64.rpm",
        "qemu-block-curl-6.2.0-113.oe2203sp4.x86_64.rpm",
        "qemu-block-iscsi-6.2.0-113.oe2203sp4.x86_64.rpm",
        "qemu-block-rbd-6.2.0-113.oe2203sp4.x86_64.rpm",
        "qemu-block-ssh-6.2.0-113.oe2203sp4.x86_64.rpm",
        "qemu-debuginfo-6.2.0-113.oe2203sp4.x86_64.rpm",
        "qemu-debugsource-6.2.0-113.oe2203sp4.x86_64.rpm",
        "qemu-guest-agent-6.2.0-113.oe2203sp4.x86_64.rpm",
        "qemu-hw-usb-host-6.2.0-113.oe2203sp4.x86_64.rpm",
        "qemu-img-6.2.0-113.oe2203sp4.x86_64.rpm",
        "qemu-seabios-6.2.0-113.oe2203sp4.x86_64.rpm",
        "qemu-system-aarch64-6.2.0-113.oe2203sp4.x86_64.rpm",
        "qemu-system-arm-6.2.0-113.oe2203sp4.x86_64.rpm",
        "qemu-system-riscv-6.2.0-113.oe2203sp4.x86_64.rpm",
        "qemu-system-x86_64-6.2.0-113.oe2203sp4.x86_64.rpm"
    ],
    "noarch": [
        "qemu-help-6.2.0-113.oe2203sp4.noarch.rpm"
    ]
}

Database specific

source

"https://repo.openeuler.org/security/data/osv/OESA-2026-2090.json"