Data Handling Flaw in Linux Kernel Affecting Non-linear Buffer Copying
CVE-2026-46207

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 28 May 2026

What is CVE-2026-46207?

A vulnerability in the Linux kernel related to vsock and non-linear buffers could lead to uninitialized data being sent to the monitor interface. The issue arises when the virtio_transport_build_skb() function fails to correctly copy payloads from non-linear sk_buffs, resulting in potential data leakage. The fix implements a more robust copying method that handles both linear and non-linear buffers, ensuring that iov_iter is properly initialized and payloads are appropriately copied, which enhances data integrity through improved handling mechanisms.

Affected Version(s)

Linux 4b0bf10eb077cb43c09746251ef3608d62c45667 < 06747f52ab157591cec7e5623a759473b66ef6f6

Linux 4b0bf10eb077cb43c09746251ef3608d62c45667 < 52da6a74ca3de0fcda60301096b71534b3b18641

Linux 4b0bf10eb077cb43c09746251ef3608d62c45667 < 378b131a25bd1a5ee27ca199fe486c299d5350c5

References

https://git.kernel.org/stable/c/06747f52ab157591cec7e5623...

https://git.kernel.org/stable/c/52da6a74ca3de0fcda6030109...

https://git.kernel.org/stable/c/378b131a25bd1a5ee27ca199f...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 28, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46207 Data

JSON