CVE-2022-26354

Summary

A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.

Affected Software

VendorProductVersion RangeStatus
n/aqemu-kvmAffected QEMU versions <= 6.2.0affected

Weaknesses

  • CWE-772: CWE-772

ADP Enrichment

CVE Program Container

Additional References

References