CVE Catalog

CVE-2026-46234

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

2th percentile - higher than 2% of all known CVEs

Summary

A vulnerability has been identified in the Linux kernel within the vsock_update_buffer_size() function, allowing the buffer size to exceed the maximum limit. The issue stemmed from an incorrect order of checking minimum and maximum values, potentially violating socket memory boundaries.

Risk Assessment

Violating socket memory boundaries may lead to unpredictable system behavior, posing risks to the stability and security of applications utilizing virtual sockets.

Recommendation

It is recommended to update the Linux kernel to the latest version to apply the fix that corrects the order of buffer size checks.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: vsock: fix buffer size clamping order In vsock_update_buffer_size(), the buffer size was being clamped to the maximum first, and then to the minimum. If a user sets a minimum buffer size larger than the maximum, the minimum check overrides the maximum check, inverting the constraint. This breaks the intended socket memory boundaries by allowing the vsk->buffer_size to grow beyond the configured vsk->buffer_max_size. Fix this by checking the minimum first, and then the maximum. This ensures the buffer size never exceeds the buffer_max_size.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS