CVE-2025-54566
Published: July 25, 2025Last modified: August 6, 2025
Description
hw/pci/pcie_sriov.c in QEMU through 10.0.3 has a migration state inconsistency, a related issue to CVE-2024-26327.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 4.2 |
| Attack Vector | ADJACENT_NETWORK |
| Attack complexity | HIGH |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity impact | LOW |
| Availability impact | LOW |
| Vector | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L |
Notes
Introduced in v10.0.0-rc0, so earlier versions are not affected. See also CVE-2025-54567.
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | Stream | qemu | Vulnerable (10.0.0-r0) |