CVE-2026-5164

Name of the Vulnerable Software and Affected Versions virtio-win (affected versions not specified)

Description A flaw exists in virtio-win where the RhelDoUnMap() function inadequately validates the number of descriptors supplied by a user during an unmap request. A local user could exploit this input validation issue by providing an excessive number of descriptors, potentially causing a buffer overrun. This could lead to a system crash and a Denial of Service (DoS).

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.