CVE-2022-26354
LOW3.2EPSS 0.01%發布日:2022/3/16修改日:2026/4/28
描述
A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.
受影響套件(1)
- Debian/qemufrom 0, < 1:5.2+dfsg-11+deb11u2
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | LOW3.2 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L |