Medium severity6.5NVD Advisory· Published Feb 18, 2026· Updated Apr 15, 2026
CVE-2026-0665
CVE-2026-0665
Description
An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15- osv-coords14 versionspkg:rpm/opensuse/qemu&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/qemu&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/qemu&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/qemu-linux-user&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/qemu-linux-user&distro=openSUSE%20Leap%2016.0pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Micro%206.2pkg:rpm/suse/qemu-linux-user&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7
< 8.2.10-150600.3.46.1+ 13 more
- (no CPE)range: < 8.2.10-150600.3.46.1
- (no CPE)range: < 10.0.8-160000.1.1
- (no CPE)range: < 10.2.0-2.1
- (no CPE)range: < 8.2.10-150600.3.46.1
- (no CPE)range: < 10.0.8-160000.1.1
- (no CPE)range: < 9.2.4-150700.3.14.1
- (no CPE)range: < 9.2.4-150700.3.14.1
- (no CPE)range: < 9.2.4-150700.3.14.1
- (no CPE)range: < 8.2.10-150600.3.49.1
- (no CPE)range: < 8.2.10-150600.3.49.1
- (no CPE)range: < 8.2.10-2.1
- (no CPE)range: < 8.2.10-slfo.1.1_4.1
- (no CPE)range: < 10.0.8-160000.1.1
- (no CPE)range: < 9.2.4-150700.3.14.1
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.