{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5165", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2026-03-30T14:51:14.677Z", "datePublished": "2026-03-30T15:02:26.375Z", "dateUpdated": "2026-04-28T14:35:37.734Z"}, "containers": {"cna": {"title": "Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system instability or unexpected behavior."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "virtio-win", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:10"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "virtio-win", "defaultStatus": "unaffected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "virtio-win", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2026-5165", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453015", "name": "RHBZ#2453015", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://github.com/virtio-win/kvm-guest-drivers-windows/pull/1493"}], "datePublic": "2026-03-30T12:34:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-825", "description": "Expired Pointer Dereference", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-825: Expired Pointer Dereference", "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "timeline": [{"lang": "en", "time": "2026-03-30T14:44:19.968Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2026-03-30T12:34:00.000Z", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-04-28T14:35:37.734Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-30T18:05:27.370746Z", "id": "CVE-2026-5165", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T18:05:38.378Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5165", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-30T18:05:27.370746Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T18:05:33.941Z"}}], "cna": {"title": "Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset", "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:/o:redhat:enterprise_linux:10"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "packageName": "virtio-win", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "packageName": "virtio-win", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "packageName": "virtio-win", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2026-03-30T14:44:19.968Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2026-03-30T12:34:00.000Z", "value": "Made public."}], "datePublic": "2026-03-30T12:34:00.000Z", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2026-5165", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453015", "name": "RHBZ#2453015", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://github.com/virtio-win/kvm-guest-drivers-windows/pull/1493"}], "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "x_generator": {"engine": "cvelib 1.8.0"}, "descriptions": [{"lang": "en", "value": "A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system instability or unexpected behavior."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-825", "description": "Expired Pointer Dereference"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-03-30T15:30:38.405Z"}, "x_redhatCweChain": "CWE-825: Expired Pointer Dereference"}}, "cveMetadata": {"cveId": "CVE-2026-5165", "state": "PUBLISHED", "dateUpdated": "2026-03-30T18:05:38.378Z", "dateReserved": "2026-03-30T14:51:14.677Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2026-03-30T15:02:26.375Z", "assignerShortName": "redhat"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:virtio-win:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C9702E9-461D-4BEC-9AD4-EE6C8D5E3327", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system instability or unexpected behavior."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en virtio-win, espec\u00edficamente dentro del dispositivo VirtIO Block (BLK). Cuando el dispositivo sufre un reinicio, no gestiona la memoria correctamente, lo que resulta en una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n. Este problema podr\u00eda permitir a un atacante local corromper la memoria del sistema, lo que podr\u00eda llevar a inestabilidad del sistema o comportamiento inesperado."}], "id": "CVE-2026-5165", "lastModified": "2026-04-28T14:17:41.683", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-30T15:16:36.520", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2026-5165"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453015"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking"], "url": "https://github.com/virtio-win/kvm-guest-drivers-windows/pull/1493"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-825"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"bugzilla": {"description": "virtio-win: virtio-win: Memory corruption via use-after-free in VirtIO BLK device reset", "id": "2453015", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453015"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-825", "details": ["A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system instability or unexpected behavior."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2026-5165", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "virtio-win", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "virtio-win", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "virtio-win", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-03-30T12:34:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-5165\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-5165\nhttps://github.com/virtio-win/kvm-guest-drivers-windows/pull/1493"], "statement": "A moderate vulnerability use-after-free flaw in the VirtIO Block (BLK) device within virtio-win can lead to memory corruption during device reset. A local attacker within the guest operating system could exploit this to cause system instability or unexpected behavior.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": null}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "Red Hat Enterprise Linux 10", "source": "cna", "vendor": "Red Hat"}, "product": "enterprise_linux", "vendor": "redhat"}], "analysis": {"en": {"generated_at": "2026-03-30T16:20:46.193167+00:00", "value": {"mitigation_remediation": ["Apply any current Red\u00a0Hat update for the virtio\u2011win package that addresses the use\u2011after\u2011free vulnerability.", "If no update is available, limit the use of virtio\u2011blk devices or isolate vulnerable workloads until a patch is released.", "Monitor system stability for signs of memory corruption and consult Red\u00a0Hat support for further guidance."], "summary": {"action": "Apply patch", "impact": "Local memory corruption leading to instability"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Red\u00a0Hat Enterprise\u00a0Linux\u202f8,\u202f9 and\u202f10, where the virtio\u2011win package hosts the VirtIO Block driver used by virtual machines.", "description_and_impact": "A use\u2011after\u2011free vulnerability exists in the VirtIO Block (BLK) device of virtio\u2011win. When the device is reset, memory is corrupted, which a local attacker could exploit to break system stability or produce unexpected behavior. This flaw falls under CWE\u2011825: Incorrect Memory Management.", "risk_and_exploitability": "The flaw carries a CVSS score of 6.7, indicating moderate severity, and has no reported exploits or inclusion in CISA\u2019s KEV catalog. Because the attack surface is local and requires initiating a device reset, the risk is limited to environments that expose virtio\u2011blk devices; however, the lack of an official patch or workaround emphasizes the need for monitoring until remediation is available."}}}}, "created": "2026-03-30T20:55:38.212162+00:00", "updated": "2026-04-03T09:11:17.453789+00:00", "vendors": ["redhat", "redhat$PRODUCT$enterprise_linux"]}