VDB

DEBIAN-CVE-2022-26354

DEBIAN-CVE-2022-26354 PUBLISHED CVSS 3.200000047683716 LOW

A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.

Risk Scores

CVSS 3.1
3.200000047683716
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

Affected Products

VendorProductVersions
Debian:12qemu0, 0, 0
Debian:11qemu0, 5.2+dfsg, 5.2+dfsg
Debian:13qemu0, 0, 0
Debian:14qemu0, 0, 0

Timeline

  • Mar 16, 2022 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›