CVE-2026-48914

MEDIUM

Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling

Title source: cna

Description

A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an out-of-bounds write in the host heap memory and a potential denial of service (DoS) for the QEMU process.

References (3)

Core 3

Core References

Vdb Entry, X_Refsource_Redhat vdb-entry x_refsource_redhat

https://access.redhat.com/security/cve/CVE-2026-48914

Issue Tracking, X_Refsource_Redhat issue-tracking x_refsource_redhat

RHBZ#2488283

https://bugzilla.redhat.com/show_bug.cgi?id=2488283

https://lore.kernel.org/qemu-devel/[email protected]/

Scores

CVSS v3 6.7

EPSS 0.0016

EPSS Percentile 5.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-122

Status published

Products (7)

Red Hat/Red Hat Enterprise Linux 10

Red Hat/Red Hat Enterprise Linux 6

Red Hat/Red Hat Enterprise Linux 7

Red Hat/Red Hat Enterprise Linux 8

Red Hat/Red Hat Enterprise Linux 9

Red Hat/Red Hat Enterprise Linux for NVIDIA 26

Red Hat/Red Hat OpenShift Container Platform 4

Published Jun 12, 2026

Tracked Since Jun 12, 2026