CVE-2026-5164

EPSS 0.01%
Veröffentlicht 30.03.2026 15:16:36
Zuletzt bearbeitet 28.04.2026 14:22:23
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

Virtio-win: virtio-win: denial of service via unvalidated descriptor count in unmap request

A flaw was found in virtio-win. The `RhelDoUnMap()` function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. This can cause a system crash, resulting in a Denial of Service (DoS).

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

NVD 3 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Redhat ≫ Virtio-win Version-

Redhat ≫ Enterprise Linux Version9.0

Redhat ≫ Enterprise Linux Version10.0

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.018

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
secalert@redhat.com	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://access.redhat.com/security/cve/CVE-2026-5164

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2453014

Vendor Advisory

Issue Tracking

https://github.com/virtio-win/kvm-guest-drivers-windows/pull/1504

Patch

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2026-5164

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-5164

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-5164

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-5164