UNKNOWNCVE-2026-5164
Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request
Platform
linux
Component
kvm-guest-drivers-windows
A flaw was found in virtio-win. The `RhelDoUnMap()` function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. This can cause a system crash, resulting in a Denial of Service (DoS).
How to fix
Actualice el paquete virtio-win a la última versión disponible proporcionada por Red Hat. Esto solucionará la vulnerabilidad de desbordamiento de búfer al validar correctamente el número de descriptores durante las solicitudes de desasignación.
Monitor your dependencies automatically
Get notified when new vulnerabilities affect your projects. Free forever.
Start free