CVE Number: CVE-2026-0665 Bug ID: 2428640 Vulnerability Type: Heap off-by-one Affected Component: qemu-kvm: KVM Xen PHYSDEVOP_map_pirq Reported Date: 2026-01-12 10:48 UTC Modified Date: 2026-02-06 11:11 UTC Priority: medium Severity: medium Description: - An off-by-one error in QEMU's KVM Xen guest support allows a malicious guest to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption. Patch: - https://lore.kernel.org/qemu-devel/13FE03BE60EA78D6+20260109023548.4047-1-vr@darknavy.com/ Credit: DARKNAVY (@DarkNavyOrg) Upstream Commit: - https://gitlab.com/qemu-project/qemu/-/commit/c7504ba2a560fd884557f6e5142f03b491aad0c7