CVE-2026-23069 vsock/virtio: fix potential underflow in virtio_transport_get_credit()

🗓️ 04 Feb 2026 16:07:49Reported by LinuxType

Fix underflow in virtio_transport_get_credit by using virtio_transport_has_space for in-flight data.

Reporter	Title	Published	Views	Family All 138
ATTACKERKB	CVE-2026-23069	4 Feb 202616:07	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1455)	6 Mar 202600:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1468)	6 Mar 202600:00	–	nessus
Tenable Nessus	Debian dla-4476 : linux-config-6.1 - security update	11 Feb 202600:00	–	nessus
Tenable Nessus	Debian dsa-6126 : ata-modules-6.12.31-armmp-di - security update	9 Feb 202600:00	–	nessus
Tenable Nessus	Debian dsa-6127 : affs-modules-6.1.0-37-4kc-malta-di - security update	9 Feb 202600:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.12.1 : kernel (EulerOS-SA-2026-2077)	6 Jun 202600:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.12.0 : kernel (EulerOS-SA-2026-2102)	6 Jun 202600:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : kernel (EulerOS-SA-2026-2209)	9 Jun 202600:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : kernel (EulerOS-SA-2026-2247)	9 Jun 202600:00	–	nessus

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/vmw_vsock/virtio_transport_common.c"
    ],
    "versions": [
      {
        "version": "06a8fc78367d070720af960dcecec917d3ae5f3b",
        "lessThan": "d96de882d6b99955604669d962ae14e94b66a551",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "06a8fc78367d070720af960dcecec917d3ae5f3b",
        "lessThan": "02f9af192b98d15883c70dd41ac76d1b0217c899",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "06a8fc78367d070720af960dcecec917d3ae5f3b",
        "lessThan": "d05bc313788f0684b27f0f5b60c52a844669b542",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "06a8fc78367d070720af960dcecec917d3ae5f3b",
        "lessThan": "ec0f1b3da8061be3173d1c39faaf9504f91942c3",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "06a8fc78367d070720af960dcecec917d3ae5f3b",
        "lessThan": "3ef3d52a1a9860d094395c7a3e593f3aa26ff012",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/vmw_vsock/virtio_transport_common.c"
    ],
    "versions": [
      {
        "version": "4.8",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "4.8",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.162",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.122",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.68",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18.8",
        "lessThanOrEqual": "6.18.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.19",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/3ef3d52a1a9860d094395c7a3e593f3aa26ff012
git	www.git.kernel.org/stable/c/d96de882d6b99955604669d962ae14e94b66a551
git	www.git.kernel.org/stable/c/ec0f1b3da8061be3173d1c39faaf9504f91942c3
git	www.git.kernel.org/stable/c/02f9af192b98d15883c70dd41ac76d1b0217c899
git	www.git.kernel.org/stable/c/d05bc313788f0684b27f0f5b60c52a844669b542

11 May 2026 21:59Current

EPSS0.00023