References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

vsock/virtio: Validate length in packet header before skb_put()

When receiving a vsock packet in the guest, only the virtqueue buffer
size is validated prior to virtio_vsock_skb_rx_put(). Unfortunately,
virtio_vsock_skb_rx_put() uses the length from the packet header as the
length argument to skb_put(), potentially resulting in SKB overflow if
the host has gone wonky.

Validate the length as advertised by the packet header before calling
virtio_vsock_skb_rx_put().

https://git.kernel.org/stable/c/0dab92484474587b82e8e0455839eaf5ac7bf894

https://git.kernel.org/stable/c/676f03760ca1d69c2470cef36c44dc152494b47c

https://git.kernel.org/stable/c/969b06bd8b7560efb100a34227619e7d318fbe05

https://git.kernel.org/stable/c/ee438c492b2e0705d819ac0e25d04fae758d8f8f

https://git.kernel.org/stable/c/faf332a10372390ce65d0b803888f4b25a388335