cvedb.io
CVE-2022-26354
LOW · CVSS 3.2
EPSS exploitation probability: 0%
Published 2022-03-16T15:15:16.840 · Last modified 2026-06-17T04:35:02.490

Summary

A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.

Affected products

qemu — qemu

Does this affect you?

Add your gear to cvedb and we'll alert you only when qemu ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.