CVE-2026-48914 Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling

🗓️ 12 Jun 2026 09:42:36Reported by redhatType

CVE-2026-48914: QEMU virtio-blk SCSI requests may overflow the host heap due to descriptor size validation failure, risking DoS.

Reporter	Title	Published	Views	Family All 6
CVE	CVE-2026-48914	12 Jun 202609:42	–	cve
EUVD	EUVD-2026-36408	12 Jun 202609:42	–	euvd
NVD	CVE-2026-48914	12 Jun 202610:16	–	nvd
Positive Technologies	PT-2026-48843	12 Jun 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-48914	12 Jun 202609:42	–	redhatcve
Vulnrichment	CVE-2026-48914 Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling	12 Jun 202609:42	–	vulnrichment

[
  {
    "versions": [
      {
        "status": "affected",
        "version": "1.1.0",
        "versionType": "semver",
        "lessThanOrEqual": "11.0.1"
      }
    ],
    "packageName": "qemu",
    "collectionURL": "https://gitlab.com/qemu-project/qemu",
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "qemu-kvm",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "qemu-kvm",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "qemu-kvm",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "qemu-kvm-ma",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "qemu-kvm",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "qemu-kvm",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux for NVIDIA 26",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "qemu-kvm",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/a:redhat:enterprise_linux_nvidia:"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "rhcos",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/a:redhat:openshift:4"
    ]
  }
]

Source	Link
lore	www.lore.kernel.org/qemu-devel/[email protected]/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/security/cve/CVE-2026-48914

12 Jun 2026 10:13Current

CVSS 3.16.7

CWE-122