A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly…
redhat·CWE-825·Published 2026-03-30
A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system instability or unexpected behavior.
A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system instability or unexpected behavior.
Se encontró una falla en virtio-win, específicamente dentro del dispositivo VirtIO Block (BLK). Cuando el dispositivo sufre un reinicio, no gestiona la memoria correctamente, lo que resulta en una vulnerabilidad de uso después de liberación. Este problema podría permitir a un atacante local corromper la memoria del sistema, lo que podría llevar a inestabilidad del sistema o comportamiento inesperado.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | NVD | 7.8 | 1.8 | 5.9 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Primary | cve.org | 6.7 | — | — | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Primary | cve.org | 6.7 | — | — | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Secondary | NVD | 6.7 | 0.8 | 5.9 | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |