Zero Day MonitorZDM

← Back to list

6.7

CVE-2026-5165EXPLOITED

red hat · red hat enterprise linux

Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset

Description

A flaw was found in virtio-win, specifically within the VirtIO Block (BLK) device. When the device undergoes a reset, it fails to properly manage memory, resulting in a use-after-free vulnerability. This issue could allow a local attacker to corrupt system memory, potentially leading to system instability or unexpected behavior.

Affected Products

Vendor	Product	Versions
red hat	red hat enterprise linux	—

References

https://access.redhat.com/security/cve/CVE-2026-5165(vdb-entry, x_refsource_REDHAT)
https://bugzilla.redhat.com/show_bug.cgi?id=2453015(issue-tracking, x_refsource_REDHAT)
https://github.com/virtio-win/kvm-guest-drivers-windows/pull/1493

Related News (1 articles)

Tier C

VulDB5h ago

CVE-2026-5165 | virtio-win kvm-guest-drivers-windows VirtIO Block Device expired pointer dereference

→ No new info (linked only)

CVSS 3.16.7 NONE

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-825

Published3/30/2026

Last enriched4h agov2

Trending Score44

Source articles1

Independent1

Info Completeness7/14

Missing: versions, epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-1961EXP

Forman: foreman: remote code execution via command injection in websocket proxy

HIGHCVE-2026-28369EXP

Undertow: undertow: request smuggling via malformed http request headers

HIGHCVE-2026-28367EXP

Undertow: undertow: request smuggling via `\r\r\r` as a header block terminator

NONECVE-2026-5119EXP

Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment

NONECVE-2026-4948EXP

Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Mar 30, 2026

Discovered by ZDM

Mar 30, 2026

Updated: description, severity, activelyExploited

Mar 30, 2026

Actively Exploited

Mar 30, 2026

Version History

v2

Last enriched 4h ago

v2Tier C4h ago

Updated description with critical vulnerability details, changed product to kvm-guest-drivers-windows, and updated severity to CRITICAL.

descriptionseverityactivelyExploited

via VulDB

v15h ago

Initial creation