Name | CVE-2022-26354 |
Description | A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
References | DLA-2970-1, DLA-3099-1, DSA-5133-1 |
The table below lists information on source packages.
Source Package | Release | Version | Status |
---|---|---|---|
qemu (PTS) | jessie, jessie (lts) | 1:2.1+dfsg-12+deb8u23 | fixed |
stretch (security) | 1:2.8+dfsg-6+deb9u17 | fixed | |
stretch (lts), stretch | 1:2.8+dfsg-6+deb9u19 | fixed | |
buster (security), buster, buster (lts) | 1:3.1+dfsg-8+deb10u12 | fixed | |
bullseye | 1:5.2+dfsg-11+deb11u3 | fixed | |
bullseye (security) | 1:5.2+dfsg-11+deb11u2 | fixed | |
bookworm | 1:7.2+dfsg-7+deb12u7 | fixed | |
sid, trixie | 1:9.2.0+ds-2 | fixed |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
qemu | source | jessie | (not affected) | |||
qemu | source | stretch | 1:2.8+dfsg-6+deb9u17 | DLA-2970-1 | ||
qemu | source | buster | 1:3.1+dfsg-8+deb10u9 | DLA-3099-1 | ||
qemu | source | bullseye | 1:5.2+dfsg-11+deb11u2 | DSA-5133-1 | ||
qemu | source | (unstable) | 1:7.0+dfsg-1 |
https://bugzilla.redhat.com/show_bug.cgi?id=2063257
https://gitlab.com/qemu-project/qemu/-/commit/8d1b247f3748ac4078524130c6d7ae42b6140aaf
vulnerable code in buster in vhost_vsock_send_transport_reset
[jessie] - qemu <not-affected> (vulnerable code was introduced later)