QwikSec

Security Database

CVE

CWE

Training

CVE-2022-26353

Published: Mar 16, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage and other unexpected results. Affected QEMU version: 6.2.0.

Vendor	Product	Versions
n/a	qemu-kvm	affected `Affected QEMU version: 6.2.0`

Weaknesses (CWE)

References

https://lists.nongnu.org/archive/html/qemu-devel/2022-03/msg02438.html

x_refsource_MISC

https://gitlab.com/qemu-project/qemu/-/commit/abe300d9d894f7138e1af7c8e9c88c04bfe98b37

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20220425-0003/

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.