Lucene search
K

1021 matches found

OSV
OSV
added 2026/05/28 10:16 a.m.7 views

UBUNTU-CVE-2026-46207

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix empty payload in tap skb for non-linear buffers For non-linear skbs, virtiotransportbuildskb goes through virtiotransportcopynonlinearskb to copy the original payload in the new skb to be delivered to the vsockm...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References7
OSV
OSV
added 2026/05/28 10:16 a.m.4 views

UBUNTU-CVE-2026-46234

In the Linux kernel, the following vulnerability has been resolved: vsock: fix buffer size clamping order In vsockupdatebuffersize, the buffer size was being clamped to the maximum first, and then to the minimum. If a user sets a minimum buffer size larger than the maximum, the minimum check...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8
CVE
CVE
added 2026/05/28 9:40 a.m.34 views

CVE-2026-46234

CVE-2026-46234 affects the Linux kernel vsock code, specifically the vsock_update_buffer_size path. The bug arises from clamping the buffer size: it first enforces the maximum, then the minimum, which allows vsk->buffer_size to exceed vsk->buffer_max_size when a larger minimum is configured...

7.8CVSS5.9AI score0.00129EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/28 9:40 a.m.33 views

CVE-2026-46234 vsock: fix buffer size clamping order

In the Linux kernel, the following vulnerability has been resolved: vsock: fix buffer size clamping order In vsockupdatebuffersize, the buffer size was being clamped to the maximum first, and then to the minimum. If a user sets a minimum buffer size larger than the maximum, the minimum check...

0.00129EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/28 9:40 a.m.10 views

CVE-2026-46234

In the Linux kernel, the following vulnerability has been resolved: vsock: fix buffer size clamping order In vsockupdatebuffersize, the buffer size was being clamped to the maximum first, and then to the minimum. If a user sets a minimum buffer size larger than the maximum, the minimum check...

7.8CVSS5.8AI score0.00129EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/28 9:40 a.m.39 views

CVE-2026-46214 vsock/virtio: fix accept queue count leak on transport mismatch

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix accept queue count leak on transport mismatch virtiotransportrecvlisten calls skacceptqadded before vsockassigntransport. If vsockassigntransport fails or selects a different transport, the error path returns...

0.00128EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:40 a.m.17 views

CVE-2026-46214

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix accept queue count leak on transport mismatch virtiotransportrecvlisten calls skacceptqadded before vsockassigntransport. If vsockassigntransport fails or selects a different transport, the error path returns...

5.8AI score0.00128EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 9:40 a.m.7 views

CVE-2026-46214

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix accept queue count leak on transport mismatch virtiotransportrecvlisten calls skacceptqadded before vsockassigntransport. If vsockassigntransport fails or selects a different transport, the error path returns...

5.5CVSS5.7AI score0.00128EPSS
Exploits0
EUVD
EUVD
added 2026/05/28 9:40 a.m.14 views

EUVD-2026-32841

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix accept queue count leak on transport mismatch virtiotransportrecvlisten calls skacceptqadded before vsockassigntransport. If vsockassigntransport fails or selects a different transport, the error path returns...

5.8AI score0.00128EPSS
Exploits0References5
CVE
CVE
added 2026/05/28 9:40 a.m.36 views

CVE-2026-46214

CVE-2026-46214 relates to the Linux kernel vsock/virtio transport: a backlog count leak occurs when vsock_assign_transport() fails or switches transport, because sk_acceptq_added() is called before transport validation and not removed on error. This can cause sk_acceptq_is_full() to reject new co...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:40 a.m.9 views

CVE-2026-46207

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix empty payload in tap skb for non-linear buffers For non-linear skbs, virtiotransportbuildskb goes through virtiotransportcopynonlinearskb to copy the original payload in the new skb to be delivered to the vsockm...

5.8AI score0.00127EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/28 9:40 a.m.13 views

EUVD-2026-32834

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix empty payload in tap skb for non-linear buffers For non-linear skbs, virtiotransportbuildskb goes through virtiotransportcopynonlinearskb to copy the original payload in the new skb to be delivered to the vsockm...

5.8AI score0.00127EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/28 9:40 a.m.32 views

CVE-2026-46207 vsock/virtio: fix empty payload in tap skb for non-linear buffers

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix empty payload in tap skb for non-linear buffers For non-linear skbs, virtiotransportbuildskb goes through virtiotransportcopynonlinearskb to copy the original payload in the new skb to be delivered to the vsockm...

0.00127EPSS
Exploits0References4
CVE
CVE
added 2026/05/28 9:40 a.m.35 views

CVE-2026-46207

The CVE-2026-46207 issue affects the Linux kernel’s vsock/virtio path, where non-linear skbs could fail to copy payloads to the vsockmon tap device due to iov_iter not being properly initialized. The fix standardizes handling for both linear and non-linear skbs by removing the linear/non-linear s...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 9:40 a.m.8 views

CVE-2026-46207

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix empty payload in tap skb for non-linear buffers For non-linear skbs, virtiotransportbuildskb goes through virtiotransportcopynonlinearskb to copy the original payload in the new skb to be delivered to the vsockm...

5.5CVSS5.7AI score0.00127EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.14 views

PT-2026-44357

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the vsock update buffer size function where the buffer size clamping order is incorrect. The system clamped the buffer size to the maximum value first and then to the...

9.8CVSS6.1AI score0.03663EPSS
Exploits16References285
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the null payload in the non-linear buffer tapskb within the vsock/virtio driver. This vulnerability may...

5.9AI score0.00127EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a sequential error in the size limitation of the vsock buffer. Instead of limiting the minimum...

5.9AI score0.00129EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.15 views

PT-2026-44337

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resource leak occurs in the vsock/virtio component of the Linux kernel due to a transport mismatch. The function virtio transport recv listen invokes sk acceptq added before vsock assi...

5.5CVSS6AI score0.00128EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.13 views

PT-2026-44330

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the vsock/virtio component where non-linear skbs socket buffers result in an empty payload in the tap skb. The virtio transport build skb function utilizes virtio...

9.8CVSS5.9AI score0.005EPSS
Exploits1References289
Rows per page
Query Builder