4 matches found
CVE-2026-52994
A flaw was found in the Linux kernel's vsock/virtio component. This vulnerability involves an accounting error in the MSGZEROCOPY pinned-pages mechanism, where the system's resource limit for locked memory RLIMITMEMLOCK may not be properly enforced. This could allow a local attacker or a maliciou...
EUVD-2026-38862
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix MSGZEROCOPY pinned-pages accounting virtiotransportinitzcopyskb uses iter-count as the size argument for msgzerocopyrealloc, which in turn passes it to mmaccountpinnedpages for RLIMITMEMLOCK accounting. However,...
CVE-2026-52994
CVE-2026-52994 affects the Linux kernel virtio transport for vsock zcopy: virtio_transport_init_zcopy_skb() previously used iter->count as the size for msg_zerocopy_realloc(), which then desks mm_account_pinned_pages() for RLIMIT_MEMLOCK. Because iter->count is consumed by virtio_transport_...
security flaw
Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service CPU and memory consumption and bypass RLIMMEMLOCK limits via the mlockall call...