Lucene search
K

1031 matches found

CVE
CVE
added 2026/05/28 9:40 a.m.39 views

CVE-2026-46207

The CVE-2026-46207 issue affects the Linux kernel’s vsock/virtio path, where non-linear skbs could fail to copy payloads to the vsockmon tap device due to iov_iter not being properly initialized. The fix standardizes handling for both linear and non-linear skbs by removing the linear/non-linear s...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the null payload in the non-linear buffer tapskb within the vsock/virtio driver. This vulnerability may...

5.9AI score0.00127EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a sequential error in the size limitation of the vsock buffer. Instead of limiting the minimum...

5.9AI score0.00129EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.16 views

PT-2026-44337

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resource leak occurs in the vsock/virtio component of the Linux kernel due to a transport mismatch. The function virtio transport recv listen invokes sk acceptq added before vsock assi...

5.5CVSS6AI score0.00128EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.15 views

PT-2026-44357

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the vsock update buffer size function where the buffer size clamping order is incorrect. The system clamped the buffer size to the maximum value first and then to the...

9.8CVSS6.1AI score0.03663EPSS
Exploits18References285
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.14 views

PT-2026-44330

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the vsock/virtio component where non-linear skbs socket buffers result in an empty payload in the tap skb. The virtio transport build skb function utilizes virtio...

9.8CVSS5.9AI score0.005EPSS
Exploits1References289
OSV
OSV
added 2026/05/22 9:5 a.m.31 views

CLSA-2026-1779375889 kernel: Fix of 95 CVEs

perf/x86/intel/uncore: Fix die ID init and look up bugs CVE-2026-43344 - x86/apic: Disable x2apic on resume if the kernel expects so CVE-2026-43363 - drm/amdgpu: Fix use-after-free race in VM acquire CVE-2026-43370 - dm: remove fake timeout to avoid leak request CVE-2026-43314 - md/bitmap: fix...

7.8CVSS5.9AI score0.00283EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vsock: Remove the socket from the connected list when the connect operation is interrupted by a signal. The vsockconnect function expects that the socket might already be in the TCPESTABLISHED state when the connect operation is...

5.5CVSS5.6AI score0.0024EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vsock/bpf: Return early if the transport is not assigned. Some of the core functions can only be called if the transport has been assigned. As Michal reported, a socket may have NULL as the transport value, for example after a...

5.5CVSS6.1AI score0.00199EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: vhost/vsock: Use kvmalloc/kvfree for larger packets. When copying a large file via sftp using vsock, the data size is usually 32 kB. In such cases, kmalloc seems to fail when attempting to allocate 32 32 kB regions. vhost-5837...

5.5CVSS6.1AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Qemu

A flaw was discovered in the vhost-vsock device of QEMU. In the event of an error, an invalid element was not detached from the virtqueue before freeing its memory, resulting in memory leakage and other unexpected issues. This issue affects QEMU versions up to 6.2.0...

3.2CVSS6.1AI score0.00391EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A vulnerability has been discovered in the Linux kernel. It has been identified as a problem. This vulnerability affects the function vsockconnect in the file net/vmwvsock/afvsock.c. Manipulation of this function leads to a memory leak. The complexity of an attack is quite high. Exploitation of...

3.3CVSS5.8AI score0.00326EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.16 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: virtio/vsock: Fixed an uninit-value issue in virtiotransportrecvpkt KMSAN reported the following uninit-value access issues: ===================================================== BUG: KMSAN: uninit-value in...

7.1CVSS6AI score0.00244EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Added checks for skisinet and ISICSK in tlsswhasctxtx/rx. With the introduction of support for vsock and Unix sockets in sockmap, tlsswhasctxtx/rx cannot assume that the socket passed in must be of type ISICSK. Sockets of...

5.5CVSS6.5AI score0.00221EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.28 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021540)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021540 advisory. In the Linux kernel, the following vulnerability has been resolved: virtio/vsock: Fix acceptqueue memory leak As the final stages of socket destruction may be delaye...

5.5CVSS6.4AI score0.00251EPSS
Exploits0References4
OSV
OSV
added 2026/05/14 10:5 a.m.25 views

RHSA-2026:17084 Red Hat Security Advisory: gvisor-tap-vsock security update

Bulletin has no description...

7.8CVSS6.9AI score0.00765EPSS
Exploits3References57
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.17 views

RHEL 10 : gvisor-tap-vsock (RHSA-2026:17084)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17084 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp,...

10CVSS7.2AI score0.00765EPSS
Exploits3References16
RedHat Linux
RedHat Linux
added 2026/05/13 3:39 p.m.18 views

Important: Red Hat Security Advisory: gvisor-tap-vsock security update

An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

10CVSS7.1AI score0.00765EPSS
Exploits3References8
OSV
OSV
added 2026/04/30 10:10 a.m.16 views

RHSA-2026:12033 Red Hat Security Advisory: gvisor-tap-vsock security update

Bulletin has no description...

7.5CVSS6.7AI score0.00765EPSS
Exploits3References35
RedHat Linux
RedHat Linux
added 2026/04/30 3:35 a.m.9 views

Important: Red Hat Security Advisory: gvisor-tap-vsock security update

An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

10CVSS7.2AI score0.00765EPSS
Exploits3References5
Rows per page
Query Builder