Copyright © 2012 Red Hat, Inc. All rights reserved. Moderate 2026-05-28T00:00:00 kernel: vsock/virtio: fix accept queue count leak on transport mismatch 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CWE-911

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix accept queue count leak on transport mismatch virtio_transport_recv_listen() calls sk_acceptq_added() before vsock_assign_transport(). If vsock_assign_transport() fails or selects a different transport, the error path returns without calling sk_acceptq_removed(), permanently incrementing sk_ack_backlog. After approximately backlog+1 such failures, sk_acceptq_is_full() returns true, causing the listener to reject all new connections. Fix by moving sk_acceptq_added() to after the transport validation, matching the pattern used by vmci_transport and hyperv_transport.

A flaw was found in the Linux kernel's `vsock/virtio` component. This vulnerability occurs when `virtio_transport_recv_listen()` calls `sk_acceptq_added()` before transport validation, leading to a permanent increment of the `sk_ack_backlog` counter if transport assignment fails. A remote attacker could exploit this flaw by repeatedly triggering transport mismatches, causing the listener to reject all new connections and resulting in a Denial of Service (DoS).

This Moderate flaw in the Linux kernel's `vsock/virtio` component can lead to a denial of service. By repeatedly triggering transport mismatches during connection attempts, a remote attacker could exhaust the accept queue, causing the listener to reject all new connections in affected virtualized environments. Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Red Hat Enterprise Linux 10 Fix deferred kernel Red Hat Enterprise Linux 6 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel Red Hat Enterprise Linux 7 Not affected kernel-rt Red Hat Enterprise Linux 8 Fix deferred kernel Red Hat Enterprise Linux 8 Fix deferred kernel-rt Red Hat Enterprise Linux 9 Fix deferred kernel Red Hat Enterprise Linux 9 Fix deferred kernel-rt https://www.cve.org/CVERecord?id=CVE-2026-46214 https://nvd.nist.gov/vuln/detail/CVE-2026-46214 https://lore.kernel.org/linux-cve-announce/2026052835-CVE-2026-46214-9b8d@gregkh/T