Lucene search
K

1021 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53132

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock/virtio: fix potential unbounded skb queue virtiotransportincrxpkt checks vvs-rxbytes + len vvs-bufalloc. virtiotransportrecvenqueue skips coalescing for...

7.1CVSS6AI score0.0014EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53181

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock/vmci: fix skackbacklog leak on failed handshake When vmcitransportrecvconnectingserver returns an error, vmcitransportrecvlisten calls vsockremovepending...

5.5CVSS6AI score0.00128EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 8:20 a.m.11 views

CVE-2026-53132

A flaw was found in the Linux kernel's vsock/virtio component. A remote attacker could send specially crafted packets with zero length and an End-of-Message EOM flag. This could lead to an unbounded queue of packets, consuming excessive memory and potentially causing a Denial of Service DoS due t...

7.1CVSS5.8AI score0.0014EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.7 views

SUSE CVE-2026-53181

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: fix skackbacklog leak on failed handshake When vmcitransportrecvconnectingserver returns an error, vmcitransportrecvlisten calls vsockremovepending but never calls skacceptqremoved. This leaves skackbacklog incremente...

5.8AI score0.00128EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 6:17 p.m.7 views

CVE-2026-52994

A flaw was found in the Linux kernel's vsock/virtio component. This vulnerability involves an accounting error in the MSGZEROCOPY pinned-pages mechanism, where the system's resource limit for locked memory RLIMITMEMLOCK may not be properly enforced. This could allow a local attacker or a maliciou...

5.5CVSS5.8AI score0.00173EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.5 views

CVE-2026-53181

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: fix skackbacklog leak on failed handshake When vmcitransportrecvconnectingserver returns an error, vmcitransportrecvlisten calls vsockremovepending but never calls skacceptqremoved. This leaves skackbacklog incremente...

5.5CVSS0.00128EPSS
Exploits0References8
NVD
NVD
added 2026/06/25 9:16 a.m.14 views

CVE-2026-53132

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential unbounded skb queue virtiotransportincrxpkt checks vvs-rxbytes + len vvs-bufalloc. virtiotransportrecvenqueue skips coalescing for packets with VIRTIOVSOCKSEQEOM. If fed with packets with len == 0 and...

7.1CVSS0.0014EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 8:38 a.m.5 views

EUVD-2026-39272

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: fix skackbacklog leak on failed handshake When vmcitransportrecvconnectingserver returns an error, vmcitransportrecvlisten calls vsockremovepending but never calls skacceptqremoved. This leaves skackbacklog incremente...

5.8AI score0.00128EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.5 views

CVE-2026-53181

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: fix skackbacklog leak on failed handshake When vmcitransportrecvconnectingserver returns an error, vmcitransportrecvlisten calls vsockremovepending but never calls skacceptqremoved. This leaves skackbacklog incremente...

5.5CVSS5.7AI score0.00128EPSS
Exploits0
CVE
CVE
added 2026/06/25 8:38 a.m.13 views

CVE-2026-53132

CVE-2026-53132 affects the Linux kernel vsock/virtio, where receiving zero-length packets with VIRTIO_VSOCK_SEQ_EOM could cause an unbounded skb queue growth, exhausting memory. The root cause is a miscalculation of backlog: vvs->rx_bytes + len > vvs->buf_alloc allows large queues when l...

7.1CVSS5.7AI score0.0014EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.4 views

CVE-2026-53132

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential unbounded skb queue virtiotransportincrxpkt checks vvs-rxbytes + len vvs-bufalloc. virtiotransportrecvenqueue skips coalescing for packets with VIRTIOVSOCKSEQEOM. If fed with packets with len == 0 and...

7.1CVSS5.6AI score0.0014EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52228

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the vsock/virtio component where a potential unbounded skb socket buffer queue can occur. The virtio transport inc rx pkt function checks if vvs-rx bytes plus the pack...

7.1CVSS5.9AI score0.0014EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.15 views

PT-2026-52277

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the vsock/vmci component during a failed handshake. When the function vmci transport recv connecting server returns an error, the vmci transport recv listen...

5.5CVSS6AI score0.00128EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-52994

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock/virtio: fix MSGZEROCOPY pinned-pages accounting virtiotransportinitzcopyskb uses iter-count as the size argument for msgzerocopyrealloc, which in turn...

6AI score0.00173EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:29 p.m.9 views

CVE-2026-52994

CVE-2026-52994 affects the Linux kernel virtio transport for vsock zcopy: virtio_transport_init_zcopy_skb() previously used iter->count as the size for msg_zerocopy_realloc(), which then desks mm_account_pinned_pages() for RLIMIT_MEMLOCK. Because iter->count is consumed by virtio_transport_...

5.7AI score0.00173EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: cap TX credit to local buffer size The virtio transport derives its TX credit directly from peerbufalloc, which is set based on the remote endpoint’s SOVMSOCKETSBUFFERSIZE value. On the host side, this means that th...

5.5CVSS6.1AI score0.00142EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: vsock/virtio: Only linear skb values are coalesced. In vsock/virtio common, attempts to coalesce buffers in the rx queue: if a linear skb with a spare tail room is followed by a small skb whose length is limited by GOODCOPYLEN...

5.9AI score0.00166EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Fixed a potential underflow in virtiotransportgetcredit. The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: c ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer reduces its...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.1 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: vsock: Ignore signals/timesouts on connect if the socket is already established. During connect, acting on a signal/timesout by disconnecting an already established socket leads to several issues: 1. connect invokes...

6AI score0.00203EPSS
Exploits0References4
OSV
OSV
added 2026/06/23 10:8 a.m.6 views

RHSA-2026:28038 Red Hat Security Advisory: gvisor-tap-vsock security update

Bulletin has no description...

7.8CVSS5.8AI score0.00621EPSS
Exploits0References33
Rows per page
Query Builder