CVE-2025-14876

Publication date 22 December 2025

Last updated 16 February 2026

Ubuntu priority

Description

QEMU OOM on huge request from guest

Show unmaintained releases

Package	Ubuntu Release	Status
qemu	25.10 questing	Vulnerable
	25.04 plucky	Ignored end of life, was deferred [2026-01-15]
	24.04 LTS noble	Vulnerable
	22.04 LTS jammy	Not affected
	20.04 LTS focal	Not affected
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not affected
	14.04 LTS trusty	Not affected

Issue introduced in 7.1.0 via: https://gitlab.com/qemu-project/qemu/-/commit/0e660a6f90abf8b517d7317595bcc8e8da31f2a1

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
qemu	Upstream: 91c6438 Upstream: 7b91309