Main Vulnerability Database SB2026020540

SB2026020540 - Use of uninitialized resource in Linux kernel vmw_vsock

Published: February 5, 2026

Security Bulletin ID SB2026020540

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Use of uninitialized resource (CVE-ID: CVE-2026-23057)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the virtio_transport_recv_enqueue() function in net/vmw_vsock/virtio_transport_common.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/0386bd321d0f95d041a7b3d7b07643411b044a96
https://git.kernel.org/stable/c/568e9cd8ed7ca9bf748c7687ba6501f29d30e59f
https://git.kernel.org/stable/c/63ef9b300bd09e24c57050c5dbe68feedce42e72