7.1
CVE-2026-53132
- EPSS 0.14%
- Veröffentlicht 25.06.2026 08:38:21
- Zuletzt bearbeitet 06.07.2026 15:23:07
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
vsock/virtio: fix potential unbounded skb queue
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential unbounded skb queue virtio_transport_inc_rx_pkt() checks vvs->rx_bytes + len > vvs->buf_alloc. virtio_transport_recv_enqueue() skips coalescing for packets with VIRTIO_VSOCK_SEQ_EOM. If fed with packets with len == 0 and VIRTIO_VSOCK_SEQ_EOM, a very large number of packets can be queued because vvs->rx_bytes stays at 0. Fix this by estimating the skb metadata size: (Number of skbs in the queue) * SKB_TRUESIZE(0)
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.1.63 < 6.2
Linux ≫ Linux Kernel Version >= 6.3.1 < 6.12.94
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.36
Linux ≫ Linux Kernel Version >= 6.19 < 7.0.13
Linux ≫ Linux Kernel Version6.3 Update-
Linux ≫ Linux Kernel Version6.3 Updaterc3
Linux ≫ Linux Kernel Version6.3 Updaterc4
Linux ≫ Linux Kernel Version6.3 Updaterc5
Linux ≫ Linux Kernel Version6.3 Updaterc6
Linux ≫ Linux Kernel Version6.3 Updaterc7
Linux ≫ Linux Kernel Version7.1 Updaterc1
Linux ≫ Linux Kernel Version7.1 Updaterc2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.037 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 7.1 | 2.5 | 4 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/1eca304f97a34ed5e921e1f0e06c8b241f25bf12
https://git.kernel.org/stable/c/9bdc637fde66b63d6cad0caacd034888bb7bf5f5
https://git.kernel.org/stable/c/100d5b2ffdc6468b9e48532641f29e83efdcb63c
https://git.kernel.org/stable/c/059b7dbd20a6f0c539a45ddff1573cb8946685b5