CVE-2026-46214

MEDIUM EPSS 2.8%
Published May 28, 20261mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published May 28, 2026 1mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix accept queue count leak on transport mismatch virtio_transport_recv_listen() calls sk_acceptq_added() before vsock_assign_transport(). If vsock_assign_transport() fails or selects a different transport, the error path returns without calling sk_acceptq_removed(), permanently incrementing sk_ack_backlog. After approximately backlog+1 such failures, sk_acceptq_is_full() returns true, causing the listener to reject all new connections. Fix by moving sk_acceptq_added() to after the transport validation, matching the pattern used by vmci_transport and hyperv_transport.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥5.5  –  <5.10.258
linuxlinux_kernel*≥5.11  –  <5.15.209
linuxlinux_kernel*≥5.16  –  <6.1.175
linuxlinux_kernel*≥6.2  –  <6.6.140
linuxlinux_kernel*≥6.7  –  <6.12.90
linuxlinux_kernel*≥6.13  –  <6.18.32
linuxlinux_kernel*≥6.19  –  <7.0.9

References 8

  • git.kernel.org https://git.kernel.org/stable/c/29371f3cc83e2a92265b4768014a30b80234112f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2ea5d2c79edcc99c7dbe0bb7518f5e1ee2a2391f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/52bcb57a4e8a0865a76c587c2451906342ae1b2d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/65c484726e74013a2ec7ba67a34d87760ae8f390
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6d3275fc4ed968938e1d556c344798046776668d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e9edf9893cf26d060705c910a9b62d8cc96ed56a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f66c7904fb6f0e420a654bc90909e64a25d00896
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fd51e810affa38d735d04261e673b2a5fe9c8665
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/29371f3cc83e2a92265b4768014a30b80234112f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2ea5d2c79edcc99c7dbe0bb7518f5e1ee2a2391f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/52bcb57a4e8a0865a76c587c2451906342ae1b2d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/65c484726e74013a2ec7ba67a34d87760ae8f390
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6d3275fc4ed968938e1d556c344798046776668d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e9edf9893cf26d060705c910a9b62d8cc96ed56a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f66c7904fb6f0e420a654bc90909e64a25d00896
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/fd51e810affa38d735d04261e673b2a5fe9c8665
    Patch