Wind River Support Network

HomeDefectsLIN1021-3026
Acknowledged

LIN1021-3026 : Security Advisory - qemu - CVE-2022-26354

Created: Mar 10, 2022    Updated: Apr 13, 2022
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.

https://nvd.nist.gov/vuln/detail/CVE-2022-26354
Live chat
Online