CVE-2026-5164

Published: Mar 30, 2026 Last Modified: Mar 30, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,7

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: high

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

A flaw was found in virtio-win. The `RhelDoUnMap()` function does not properly validate the number of descriptors provided by a user during an unmap request. A local user could exploit this input validation vulnerability by supplying an excessive number of descriptors, leading to a buffer overrun. This can cause a system crash, resulting in a Denial of Service (DoS).

120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Confidentiality Availability

Potential Impacts:

Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu)

Applicable Platforms

Languages: Assembly, C, C++, Memory-Unsafe

Likelihood of Exploit: High

View CWE Details

https://access.redhat.com/security/cve/CVE-2026-5164

https://bugzilla.redhat.com/show_bug.cgi?id=2453014

https://github.com/virtio-win/kvm-guest-drivers-windows/pul…

https://github.com/virtio-win/kvm-guest-drivers-windows/pull/1504

CVE-2026-5164

Description

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Common Consequences

Applicable Platforms

Iscriviti alla newsletter