CVE-2026-46207
Buffer Overflow in Linux Kernel vsock/virtio
Publication date: 2026-05-28
Last updated on: 2026-05-28
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's vsock/virtio component, where the code responsible for handling non-linear socket buffers (skbs) incorrectly initializes an iterator used to copy data payloads. Specifically, the function virtio_transport_build_skb() calls virtio_transport_copy_nonlinear_skb() to copy the payload, but the iterator's count is not set, resulting in zero bytes being copied. This means that the data payload sent to the vsockmon tap device is left uninitialized or empty.
The fix involved removing the distinction between linear and non-linear buffers and using a single function, skb_copy_datagram_iter(), which properly initializes the iterator and handles both buffer types correctly, ensuring the payload is copied as intended.
How can this vulnerability impact me? :
Because the payload data is not properly copied and remains uninitialized, any monitoring or tap device relying on this data may receive incomplete or incorrect information. This could lead to data integrity issues or misinterpretation of the data being monitored.
While the vulnerability does not explicitly mention security breaches such as data leakage or privilege escalation, the presence of uninitialized data could potentially cause unexpected behavior in applications or monitoring tools that depend on accurate payload data.