120 matches found
CVE-2026-45782
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. From version 21.0 to before version 51.2, a guest can cause a use-after-free in the cloud-hypervisor process by submitting two virtio-block descriptor chains that reuse the same headindex while asynchronous block I/O is enabled e....
CVE-2026-45782
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. From version 21.0 to before version 51.2, a guest can cause a use-after-free in the cloud-hypervisor process by submitting two virtio-block descriptor chains that reuse the same headindex while asynchronous block I/O is enabled e....
CVE-2026-45782 Cloud Hypervisor: Use-after-free in virtio-block Async I/O Completion
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. From version 21.0 to before version 51.2, a guest can cause a use-after-free in the cloud-hypervisor process by submitting two virtio-block descriptor chains that reuse the same headindex while asynchronous block I/O is enabled e....
CVE-2026-45782
Cloud Hypervisor (virtio-block) is affected from 21.0 up to before 51.2. The issue arises in asynchronous virtio-block I/O completion when two descriptor chains reuse the same head_index, allowing a use-after-free that corrupts a bounce buffer if the duplicate operation completes before the origi...
CVE-2026-45782 Cloud Hypervisor: Use-after-free in virtio-block Async I/O Completion
Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. From version 21.0 to before version 51.2, a guest can cause a use-after-free in the cloud-hypervisor process by submitting two virtio-block descriptor chains that reuse the same headindex while asynchronous block I/O is enabled e....
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume In virtblkinithctx, hctx-userdata is set to vq. However, vq is freed during suspension and reallocated during resume. As a result, hctx-userdata becomes invalid after resume,...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Fixed a memory leak during the suspend/resume procedure. The vblk-vqs should be freed before calling initvqs in virtblkrestore...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-pci: The size of the result returned for the admin command completion has been corrected. The result size returned by virtiopciadmindevpartsget is 8 bytes larger than the actual result data size. This occurs because the...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: virtio-blk: an implicit overflow issue with virtiomaxdmasize has been fixed. The following code involves an implicit conversion from sizet to u32: u32maxsize = sizetvirtiomaxdmasizevdev; This may lead to an overflow situation; fo...
CVE-2026-5761
virtio-blk: zone report buffer out-of-memory...
UBUNTU-CVE-2026-5761
virtio-blk: zone report buffer out-of-memory...
CVE-2026-5165
A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...
EUVD-2026-17113
A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...
CVE-2026-5165 Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset
A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...
CVE-2026-5165
CVE-2026-5165 affects virtio-win’s VirtIO Block (BLK) device. A reset can mishandle memory, causing a use-after-free that could allow a local attacker to corrupt memory and cause system instability or unexpected behavior. Connected sources corroborate the issue across NVD, Red Hat and other feeds...
CVE-2026-5165 Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset
A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...
CVE-2026-5165
A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...
CVE-2026-5165
A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system...
PT-2026-29036
Name of the Vulnerable Software and Affected Versions virtio-win affected versions not specified Description A memory management issue exists in the VirtIO Block BLK device within virtio-win. A reset of the device does not properly handle memory, leading to a use-after-free condition. This could...
Linux Distros Unpatched Vulnerability : CVE-2026-5165
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in virtio-win, specifically within the VirtIO Block BLK device. When the device undergoes a reset, it fails to properly manage memory, resultin...