Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-3215 | 1 Redhat | 1 Virtio-win | 2026-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| The NetKVM Windows Virtio driver allows remote attackers to cause a denial of service (guest crash) via a crafted length value in an IP packet, as demonstrated by a value that does not account for the size of the IP options. | |||||
| CVE-2026-5164 | 1 Redhat | 2 Enterprise Linux, Virtio-win | 2026-04-28 | N/A | 6.7 MEDIUM |
| A flaw was found in virtio-win. The `RhelDoUnMap()` function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. This can cause a system crash, resulting in a Denial of Service (DoS). | |||||
| CVE-2026-5165 | 1 Redhat | 2 Enterprise Linux, Virtio-win | 2026-04-28 | N/A | 6.7 MEDIUM |
| A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system instability or unexpected behavior. | |||||