CVE-2026-23057

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb with a spare tail room is followed by a small skb length limited by GOODCOPYLEN = 128, an attempt is made to join...

MiracleLinux 9 : kernel-5.14.0-570.58.1.el9_6 (AXSA:2025-11021:85)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11021:85 advisory. kernel: vsock/virtio: Validate length in packet header before skbput CVE-2025-39718 kernel: NFS: Fix filehandle bounds checking in nfsfhtodentry...

Security Bulletin: Multiple components with known vulnerabilities in IBM QRadar SIEM

Summary Multiple components with known vulnerabilities were addressed in IBM QRadar SIEM version 7.5.0 UP14 IF03 Vulnerability Details CVEID:CVE-2025-39718 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput...

EUVD-2025-201209

In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...

RLSA-2025:19105 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vsock/virtio: Validate length in packet header before skbput CVE-2025-39718 kernel: NFS: Fix filehandle bounds checking in nfsfhtodentry CVE-2025-39730 kernel: ALSA: hda/ca0132: Fix buffe...

CVE-2025-39718

CVE-2025-39718 affects the Linux kernel vulnerability in vsock/virtio packet handling. The issue arises when receiving a VSock packet in a guest: only the virtqueue buffer size was previously validated before virtio_vsock_skb_rx_put(), but the function uses the packet header length as the skb_put...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of the MSGZEROCOPY error in the virtio/vsock component and the lack of the kfreeskb call,...

AZL-53507 CVE-2024-50264 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans During loopback communication, a dangling pointer can be created in vsk-trans, potentially leading to a Use-After-Free condition. This issue is resolved ...

PT-2018-2586 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is related to a flaw in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between the...