CVE-2026-23069
Published: Feb 4, 2026
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtio_transport_get_credit() The credit calculation in virtio_transport_get_credit() uses unsigned arithmetic: ret = vvs->peer_buf_alloc - (vvs->tx_cnt - vvs->peer_fwd_cnt); If the peer shrinks its advertised buffer (peer_buf_alloc) while bytes are in flight, the subtraction can underflow and produce a large positive value, potentially allowing more data to be queued than the peer can handle. Reuse virtio_transport_has_space() which already handles this case and add a comment to make it clear why we are doing that. [Stefano: use virtio_transport_has_space() instead of duplicating the code] [Stefano: tweak the commit message]
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 06a8fc78367d070720af960dcecec917d3ae5f3b - < d96de882d6b99955604669d962ae14e94b66a551affected 06a8fc78367d070720af960dcecec917d3ae5f3b - < 02f9af192b98d15883c70dd41ac76d1b0217c899affected 06a8fc78367d070720af960dcecec917d3ae5f3b - < d05bc313788f0684b27f0f5b60c52a844669b542affected 06a8fc78367d070720af960dcecec917d3ae5f3b - < ec0f1b3da8061be3173d1c39faaf9504f91942c3affected 06a8fc78367d070720af960dcecec917d3ae5f3b - < 3ef3d52a1a9860d094395c7a3e593f3aa26ff012 |
Linux | Linux | affected 4.8unaffected 0 - < 4.8unaffected 6.1.162 - <= 6.1.*unaffected 6.6.122 - <= 6.6.*unaffected 6.12.68 - <= 6.12.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now