Lucene search
K

34 matches found

OSV
OSV
added 2026/05/28 10:16 a.m.6 views

UBUNTU-CVE-2026-46214

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix accept queue count leak on transport mismatch virtiotransportrecvlisten calls skacceptqadded before vsockassigntransport. If vsockassigntransport fails or selects a different transport, the error path returns...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:40 a.m.8 views

CVE-2026-46214

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix accept queue count leak on transport mismatch virtiotransportrecvlisten calls skacceptqadded before vsockassigntransport. If vsockassigntransport fails or selects a different transport, the error path returns...

5.8AI score0.00128EPSS
Exploits0References9Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.14 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: virtio/vsock: Fixed an uninit-value issue in virtiotransportrecvpkt KMSAN reported the following uninit-value access issues: ===================================================== BUG: KMSAN: uninit-value in...

7.1CVSS6AI score0.00244EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/11 9:26 a.m.5 views

SUSE CVE-2026-5747

An out-of-bounds write issue in the virtio PCI transport in Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x8664 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virtio queue...

7.5CVSS6.8AI score0.00208EPSS
Exploits0References3
Redos
Redos
added 2026/04/08 12:0 a.m.3 views

ROS-20260408-73-0001

A vulnerability in the net/vmwvsock/virtiotransport.c component of the Linux operating system kernel is related to writing beyond buffer boundaries. Exploitation of the vulnerability allows an attacker to cause a denial of service...

5.5CVSS6.7AI score0.00137EPSS
Exploits0
EUVD
EUVD
added 2026/04/07 11:17 p.m.3 views

EUVD-2026-19996

An out-of-bounds write issue in the virtio PCI transport in Amazon Firecracker 1.13.0 through 1.14.3 and 1.15.0 on x8664 and aarch64 might allow a local guest user with root privileges to crash the Firecracker VMM process or potentially execute arbitrary code on the host via modification of virti...

8.7CVSS6.6AI score0.00208EPSS
Exploits0References4
CVE
CVE
added 2026/04/07 11:17 p.m.47 views

CVE-2026-5747

Summary: CVE-2026-5747 is a local, hypothetical out-of-bounds write in the virtio-pci transport of Firecracker. Affects Firecracker versions 1.13.0–1.14.3 and 1.15.0 on x86_64 and aarch64. The issue could allow a local guest user with root privileges to crash the Firecracker VMM process or potent...

8.7CVSS6.7AI score0.00208EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/02/04 5:16 p.m.6 views

CVE-2026-23069

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtiotransportgetcredit The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer shrinks its advertise...

5.5CVSS0.00127EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.5 views

CVE-2026-23069

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtiotransportgetcredit The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer shrinks its advertise...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References12
OSV
OSV
added 2026/02/04 5:16 p.m.5 views

UBUNTU-CVE-2026-23069

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtiotransportgetcredit The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer shrinks its advertise...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References16
Cvelist
Cvelist
added 2026/02/04 4:8 p.m.34 views

CVE-2026-23086 vsock/virtio: cap TX credit to local buffer size

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: cap TX credit to local buffer size The virtio transports derives its TX credit directly from peerbufalloc, which is set from the remote endpoint's SOVMSOCKETSBUFFERSIZE value. On the host side this means that the...

0.00142EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/02/04 4:7 p.m.4 views

CVE-2026-23069 vsock/virtio: fix potential underflow in virtio_transport_get_credit()

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtiotransportgetcredit The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer shrinks its advertise...

5.5AI score0.00127EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/02/04 4:7 p.m.5 views

CVE-2026-23069

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtiotransportgetcredit The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer shrinks its advertise...

5.3AI score0.00127EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/02/04 4:7 p.m.62 views

CVE-2026-23069

CVE-2026-23069 (Linux kernel) : In vsock/virtio, the credit calculation in virtio_transport_get_credit() can underflow when the peer’s advertised buffer (peer_buf_alloc) shrinks while data is in flight, potentially allowing more data to be queued than the peer can handle. The issue arises from un...

5.5CVSS5.4AI score0.00127EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/02/04 4:7 p.m.3 views

CVE-2026-23069 vsock/virtio: fix potential underflow in virtio_transport_get_credit()

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtiotransportgetcredit The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer shrinks its advertise...

5.5CVSS5.4AI score0.00127EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/02/04 4:7 p.m.26 views

CVE-2026-23069 vsock/virtio: fix potential underflow in virtio_transport_get_credit()

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtiotransportgetcredit The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer shrinks its advertise...

0.00127EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-51791

Malicious code in bioql PyPI...

5.5CVSS7.2AI score0.00251EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2025/07/03 12:0 a.m.10 views

The vulnerability of the net/vmw_vsock/virtio_transport_common.c component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the net/vmwvsock/virtiotransportcommon.c component in the Linux operating system is related to information disclosure. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00213EPSS
Exploits0References7Affected Software4
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.3 views

kernel: vsock: Update rx_bytes on read_skb()

In the Linux kernel, the following vulnerability has been resolved: vsock: Update rxbytes on readskb Make sure virtiotransportincrxpkt and virtiotransportdecrxpkt calls are balanced i.e. virtiovsocksock::rxbytes doesn't lie after vsocktransport::readskb. While here, also inform the peer that we'v...

5.5CVSS6.7AI score0.00213EPSS
Exploits0References5
OSV
OSV
added 2025/04/17 1:15 a.m.7 views

CVE-2025-1290

A race condition Use-After-Free vulnerability exists in the virtiotransportspaceupdate function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtiovsocksock structure during an AFVSOCK connect syscall can occur before a worker thread accesses it resulting in a...

8.1CVSS5.9AI score0.00253EPSS
Exploits1References2
Rows per page
Query Builder