← volver
CVE-2022-26354

CVE-2022-26354

EPSS 0.4%CWE-772
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
16 mar 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.
Productos afectados
n/a · qemu-kvm

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://gitlab.com/qemu-project/qemu/-/commit/8d1b247f3748ac4078524130c6d7ae42b6140aafhttps://lists.debian.org/debian-lts-announce/2022/04/msg00002.htmlhttps://lists.debian.org/debian-lts-announce/2022/09/msg00008.htmlhttps://security.gentoo.org/glsa/202208-27https://security.netapp.com/advisory/ntap-20220425-0003/https://www.debian.org/security/2022/dsa-5133