CVE-2025-12464

MEDIUM

Red Hat Enterprise Linux 6-10 - Denial of Service via QEMU e1000 Loopback Buffer Overflow

Title source: llm

Description

A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devices and moved to the net core code. The issue stems from the device's receive code still being able to process a short frame in loopback mode. This could lead to a buffer overrun in the e1000_receive_iov() function via the loopback code path. A malicious guest user could use this vulnerability to crash the QEMU process on the host, resulting in a denial of service.

References (3)

Core 3

Core References

Vendor Advisory vdb-entry x_refsource_redhat

https://access.redhat.com/security/cve/CVE-2025-12464

Issue Tracking issue-tracking x_refsource_redhat

https://bugzilla.redhat.com/show_bug.cgi?id=2408845

https://gitlab.com/qemu-project/qemu/-/issues/3043

Scores

CVSS v3 6.2

EPSS 0.0003

EPSS Percentile 10.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-121

Status published

Products (6)

Red Hat/Red Hat Enterprise Linux 10

Red Hat/Red Hat Enterprise Linux 6

Red Hat/Red Hat Enterprise Linux 7

Red Hat/Red Hat Enterprise Linux 8

Red Hat/Red Hat Enterprise Linux 9

Red Hat/Red Hat OpenShift Container Platform 4

Published Oct 31, 2025

Tracked Since Feb 18, 2026