This update for qemu fixes the following issues: * CVE-2024-26327: Fixed buffer overflow via invalid SR/IOV NumVFs value . * CVE-2024-24474: Fixed integer overflow results in buffer overflow via SCSI command . * CVE-2023-6693: Fixed stack buffer overflow in virtio_net_flush_tx . * CVE-2023-1544: Fixed out-of-bounds read in pvrdma_ring_next_elem_read . * CVE-2024-26328: Fixed invalid NumVFs value handled in NVME SR/IOV implementation . The following non-security bug was fixed: * Removing in-use mediated device should fail with error message instead of hang .