CVE-2026-3195
ADVISORY - debianSummary
A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtio_snd_pcm_in_cb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730.
- qemu 1:10.2.2+ds-1 (bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129604) [trixie] - qemu 1:10.0.10+ds-0+deb13u1 [bookworm] - qemu (Incomplete fix for CVE-2024-7730 not applied) [bullseye] - qemu (Incomplete fix for CVE-2024-7730 not applied) CVE exists for an incomplete fix for CVE-2024-7730 https://lore.kernel.org/qemu-devel/20260220-virtio-snd-series-v1-0-207c4f7200a2@linaro.org/ Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/bcb53328aa70023f1405fade4e253e7f77567261 (11.0.0-rc0) Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/7994203bb1b83a6604f3ab00fe9598909bb66164 (v11.0.0-rc0) Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/a730f98a7a199706c44dd86a39d961e80e2ad18f (v10.2.2) Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/298986525140149bd749c236c17cfbb507c69e23 (v10.2.2)
EPSS Score: 0.00126 (0.027)
Common Weakness Enumeration (CWE)
Debian
CREATED
UPDATED
ADVISORY IDCVE-2026-3195
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowUbuntu
CREATED
UPDATED
ADVISORY IDCVE-2026-3195
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-