CVE-2026-3842Out-of-bounds Write in Qemu

CWE-787Out-of-bounds Write5 documents4 sources
Severity
7.8HIGH
No vector
EPSS
No EPSS data
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Debian Qemu
Timeline
Latest updateApr 14

Description

bookworm: open bullseye: resolved forky: resolved (fixed in 1:10.2.2+ds-1) sid: resolved (fixed in 1:10.2.2+ds-1) trixie: open

Affected Packages1 packages

debiandebian/qemu< qemu 1:10.2.2+ds-1 (forky)

📋Vendor Advisories

3
Ubuntu
QEMU vulnerabilities2026-04-09
Red Hat
qemu-kvm: hyperv/syndbg: missing mapped-length guard after cpu_physical_memory_map causes host OOB write2026-03-09
Debian
CVE-2026-3842: qemu2026

💬Community

2
Bugzilla
CVE-2026-3842 qemu-kvm: hyperv/syndbg: missing mapped-length guard after cpu_physical_memory_map causes host OOB write2026-04-14
Bugzilla
CVE-2026-3842 qemu: hyperv/syndbg: missing mapped-length guard after cpu_physical_memory_map causes host OOB write [fedora-all]2026-04-14