Zero Day MonitorZDM

← Back to list

EST

PRE-CVE

red hat · kvm

KVM shadow EPT stale rmap use-after-free

60% confidence

Description

A use-after-free vulnerability in KVM's shadow paging code that can lead to kernel memory corruption and denial of service (DoS) issues. The vulnerability arises when a shadow page table entry (SPTE) is overwritten without proper cleanup of the reverse mapping (rmap), resulting in dereferencing a stale pointer.

Affected Products

Vendor	Product	Versions
red hat	kvm	v5.13 through current upstream/kvm-next

Related News (1 articles)

Tier C

oss-security2h ago

KVM shadow EPT stale rmap use-after-free

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

CWECWE-416

Published3/30/2026

Last enriched2h ago

Tags

use-after-freekvmkernel vulnerability

Trending Score27

Source articles1

Independent1

Info Completeness7/14

Missing: cve_id, cvss, epss, kev, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-1961EXP

Forman: foreman: remote code execution via command injection in websocket proxy

HIGHCVE-2026-28369EXP

Undertow: undertow: request smuggling via malformed http request headers

HIGHCVE-2026-28367EXP

Undertow: undertow: request smuggling via `\r\r\r` as a header block terminator

NONECVE-2026-5119EXP

Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment

NONECVE-2026-4948EXP

Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization

Pin to Dashboard

Verification

State: reported

Confidence: 6000%

Vulnerability Timeline

CVE Published

Mar 30, 2026

Exploit Available

Mar 30, 2026

Discovered by ZDM

Mar 30, 2026