Описание
In the Linux kernel, the following vulnerability has been resolved:
vsock/vmci: Clear the vmci transport packet properly when initializing it
In vmci_transport_packet_init memset the vmci_transport_packet before
populating the fields to avoid any uninitialised data being left in the
structure.
A flaw was found in the Linux kernel's vsock/vmci component. A local attacker with low privileges could exploit a vulnerability where the vmci_transport_packet structure is not properly cleared during initialization. This can lead to the use of uninitialized data, potentially allowing for information disclosure, privilege escalation, or a denial of service (DoS).
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Affected | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Affected | ||
| Red Hat Enterprise Linux 10 | kernel | Fixed | RHSA-2026:2282 | 09.02.2026 |
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2026:2378 | 10.02.2026 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2026:2264 | 09.02.2026 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2026:2212 | 09.02.2026 |
| Red Hat Enterprise Linux 9 | kernel | Fixed | RHSA-2026:2212 | 09.02.2026 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.1 High
CVSS3
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmci_transport_packet_init memset the vmci_transport_packet before populating the fields to avoid any uninitialised data being left in the structure.
In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmci_transport_packet_init memset the vmci_transport_packet before populating the fields to avoid any uninitialised data being left in the structure.
vsock/vmci: Clear the vmci transport packet properly when initializing it
In the Linux kernel, the following vulnerability has been resolved: v ...
In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmci_transport_packet_init memset the vmci_transport_packet before populating the fields to avoid any uninitialised data being left in the structure.
EPSS
7.1 High
CVSS3