QEMU 10.0.3 Migration State Inconsistency in PCIe SR-IOV
CVE-2025-54566 Published on July 25, 2025
hw/pci/pcie_sriov.c in QEMU through 10.0.3 has a migration state inconsistency, a related issue to CVE-2024-26327.
Weakness Type
External Control of Critical State Data
The software stores security-critical state information about its users, or the software itself, in a location that is accessible to unauthorized actors.
Products Associated with CVE-2025-54566
Want to know whenever a new CVE is published for QEMU? stack.watch will email you.
Affected Versions
QEMU:- Version 10.0.0, <= 10.0.3 is affected.
Exploit Probability
EPSS
0.01%
Percentile
0.37%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.