CVE-2026-53132

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential unbounded skb queue virtiotransportincrxpkt checks vvs-rxbytes + len vvs-bufalloc. virtiotransportrecvenqueue skips coalescing for packets with VIRTIOVSOCKSEQEOM. If fed with packets with len == 0 and...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: virtio/vsock: Fixed an uninit-value issue in virtiotransportrecvpkt KMSAN reported the following uninit-value access issues: ===================================================== BUG: KMSAN: uninit-value in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fixed the acceptqueue memory leak Since the final stages of socket destruction may be delayed, it is possible that virtiotransportrecvlisten will be called after the acceptqueue has been flushed, but before the...

CVE-2026-46214

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix accept queue count leak on transport mismatch virtiotransportrecvlisten calls skacceptqadded before vsockassigntransport. If vsockassigntransport fails or selects a different transport, the error path returns...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021540)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021540 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix acceptqueue memory leak As the final stages of socket destruction may be delaye...

CVE-2026-23086

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: cap TX credit to local buffer size The virtio transports derives its TX credit directly from peerbufalloc, which is set from the remote endpoint's SOVMSOCKETSBUFFERSIZE value. On the host side this means that the...

CVE-2026-23086

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: cap TX credit to local buffer size The virtio transports derives its TX credit directly from peerbufalloc, which is set from the remote endpoint's SOVMSOCKETSBUFFERSIZE value. On the host side this means that the...

CVE-2026-23086 vsock/virtio: cap TX credit to local buffer size

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: cap TX credit to local buffer size The virtio transports derives its TX credit directly from peerbufalloc, which is set from the remote endpoint's SOVMSOCKETSBUFFERSIZE value. On the host side this means that the...

EUVD-2026-5456

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: cap TX credit to local buffer size The virtio transports derives its TX credit directly from peerbufalloc, which is set from the remote endpoint's SOVMSOCKETSBUFFERSIZE value. On the host side this means that the...

CVE-2026-23086 vsock/virtio: cap TX credit to local buffer size

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: cap TX credit to local buffer size The virtio transports derives its TX credit directly from peerbufalloc, which is set from the remote endpoint's SOVMSOCKETSBUFFERSIZE value. On the host side this means that the...

EUVD-2026-5487

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb with a spare tail room is followed by a small skb length limited by GOODCOPYLEN = 128, an attempt is made to join...

K000159002: Linux kernel vulnerability CVE-2025-39718

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately,...

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

RLSA-2025:20518 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...

kernel: vsock/virtio: Validate length in packet header before skb_put()

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

kernel: virtio/vsock: Fix accept_queue memory leak

In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix acceptqueue memory leak As the final stages of socket destruction may be delayed, it is possible that virtiotransportrecvlisten will be called after the acceptqueue has been flushed, but before the SOCKDONE flag...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...

CentOS 9 : kernel-5.14.0-626.el9

"The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-626.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with...

Linux Distros Unpatched Vulnerability : CVE-2025-39718

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to...

SUSE CVE-2025-39718

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...