CVE-2026-23057

EPSS -
Veröffentlicht 04.02.2026 16:07:40
Zuletzt bearbeitet 04.02.2026 17:16:16
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

vsock/virtio: Coalesce only linear skb

vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb
(with a spare tail room) is followed by a small skb (length limited by
GOOD_COPY_LEN = 128), an attempt is made to join them.

Since the introduction of MSG_ZEROCOPY support, assumption that a small skb
will always be linear is incorrect. In the zerocopy case, data is lost and
the linear skb is appended with uninitialized kernel memory.

Of all 3 supported virtio-based transports, only loopback-transport is
affected. G2H virtio-transport rx queue operates on explicitly linear skbs;
see virtio_vsock_alloc_linear_skb() in virtio_vsock_rx_fill(). H2G
vhost-transport may allocate non-linear skbs, but only for sizes that are
not considered for coalescence; see PAGE_ALLOC_COSTLY_ORDER in
virtio_vsock_alloc_skb().

Ensure only linear skbs are coalesced. Note that skb_tailroom(last_skb) > 0
guarantees last_skb is linear.

Betroffene Produkte Warnungen 0 Metriken 0 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 568e9cd8ed7ca9bf748c7687ba6501f29d30e59f

Version 581512a6dc939ef122e49336626ae159f3b8a345

Status affected

Version < 63ef9b300bd09e24c57050c5dbe68feedce42e72

Version 581512a6dc939ef122e49336626ae159f3b8a345

Status affected

Version < 0386bd321d0f95d041a7b3d7b07643411b044a96

Version 581512a6dc939ef122e49336626ae159f3b8a345

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.7

Status affected

Version < 6.7

Version 0

Status unaffected

Version <= 6.12.*

Version 6.12.68

Status unaffected

Version <= 6.18.*

Version 6.18.8

Status unaffected

Version <= *

Version 6.19-rc7

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

Es wurden noch keine Metriken (CVSS, EPSS) zu dieser CVE veröffentlicht.

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/568e9cd8ed7ca9bf748c7687ba6501f29d30e59f

https://git.kernel.org/stable/c/63ef9b300bd09e24c57050c5dbe68feedce42e72

https://git.kernel.org/stable/c/0386bd321d0f95d041a7b3d7b07643411b044a96

https://nvd.nist.gov/vuln/detail/CVE-2026-23057

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-23057

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-23057

EUVD