CVE-2022-26354
3.2LOWA flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected r
Опубликовано: 3/16/2022Обновлено: 11/21/2024
Описание
A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.
ИИ-АнализНа базе ИИ
Затронутые продукты
qemuqemu
debiandebian_linux
9.0
debiandebian_linux
10.0
Ссылки
- https://gitlab.com/qemu-project/qemu/-/commit/8d1b247f3748ac4078524130c6d7ae42b6140aafPatchThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2022/04/msg00002.htmlMailing ListThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2022/09/msg00008.htmlMailing ListThird Party Advisory
- https://security.gentoo.org/glsa/202208-27Third Party Advisory
- https://security.netapp.com/advisory/ntap-20220425-0003/Third Party Advisory
- https://www.debian.org/security/2022/dsa-5133Third Party Advisory
- https://gitlab.com/qemu-project/qemu/-/commit/8d1b247f3748ac4078524130c6d7ae42b6140aafPatchThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2022/04/msg00002.htmlMailing ListThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2022/09/msg00008.htmlMailing ListThird Party Advisory
- https://security.gentoo.org/glsa/202208-27Third Party Advisory
- https://security.netapp.com/advisory/ntap-20220425-0003/Third Party Advisory
- https://www.debian.org/security/2022/dsa-5133Third Party Advisory