HIGH
cloud-hypervisor
CVE published 2026-06-10
CVE-2026-45782
CVE-2026-45782 is a high-severity vulnerability in Cloud Hypervisor, a Virtual Machine Monitor for Cloud workloads. From version 21.0 to before version 51.2, a guest can cause a use-after-free in the cloud-hypervisor process by submitting two virtio-block descriptor chains that reuse the same head_index while asynchronous block I/O is enabled (e.g., io_uring, aio). When the kernel completes the duplicate [truncated]