CVE-2026-3890 Affecting qemu-kvm package, versions <10:3.1.0-8.amzn2.0.24

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-AMZN2-QEMUKVM-16708571
published16 May 2026

Report a new vulnerability Found a mistake?

Introduced: 16 May 2026

NewCVE-2026-3890 (opens in a new tab)

How to fix?

Upgrade Amazon-Linux:2 qemu-kvm to version 10:3.1.0-8.amzn2.0.24 or higher.
This issue was patched in ALAS2-2026-3293.

NVD Description

This vulnerability has not been analyzed by NVD yet.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3890