CVE 2022-26353
A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage and other unexpected results. Affected QEMU version: 6.2.0.
Related bugs and status
CVE-2022-26353 (Candidate) is related to these bugs:
Bug #1967814: Ubuntu 20.04.3 - ilzlnx3g1 - virtio-scsi devs on KVM guest having miscompares on disktests when there is a failed path.
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1967814 | Ubuntu 20.04.3 - ilzlnx3g1 - virtio-scsi devs on KVM guest having miscompares on disktests when there is a failed path. | qemu (Ubuntu) | Undecided | Fix Released | ||
| 1967814 | Ubuntu 20.04.3 - ilzlnx3g1 - virtio-scsi devs on KVM guest having miscompares on disktests when there is a failed path. | Ubuntu on IBM z Systems | High | Fix Released | ||
| 1967814 | Ubuntu 20.04.3 - ilzlnx3g1 - virtio-scsi devs on KVM guest having miscompares on disktests when there is a failed path. | qemu (Ubuntu Focal) | Undecided | Fix Released | ||
Bug #1970737: Stalled IO Operations During MySQL Tests (with sysbench)
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1970737 | Stalled IO Operations During MySQL Tests (with sysbench) | qemu (Ubuntu) | Undecided | Fix Released | ||
| 1970737 | Stalled IO Operations During MySQL Tests (with sysbench) | qemu (Ubuntu Jammy) | Undecided | Fix Released | ||
| 1970737 | Stalled IO Operations During MySQL Tests (with sysbench) | qemu (Ubuntu Kinetic) | Undecided | Fix Released | ||
Bug #1971315: Merge qemu from Debian unstable for kinetic
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1971315 | Merge qemu from Debian unstable for kinetic | qemu (Ubuntu) | Undecided | Fix Released | ||
| 1971315 | Merge qemu from Debian unstable for kinetic | xen (Ubuntu) | Undecided | Fix Released | ||
Bug #1994115: Debian CVE-2022-26353: qemu: memory leakage
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1994115 | Debian CVE-2022-26353: qemu: memory leakage | StarlingX | Medium | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
