CVE-2026-23069

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/02/2026
Last modified:
04/02/2026

Description

In the Linux kernel, the following vulnerability has been resolved:

vsock/virtio: fix potential underflow in virtio_transport_get_credit()

The credit calculation in virtio_transport_get_credit() uses unsigned
arithmetic:

    ret = vvs->peer_buf_alloc - (vvs->tx_cnt - vvs->peer_fwd_cnt);

If the peer shrinks its advertised buffer (peer_buf_alloc) while bytes
are in flight, the subtraction can underflow and produce a large
positive value, potentially allowing more data to be queued than the
peer can handle.

Reuse virtio_transport_has_space() which already handles this case and
add a comment to make it clear why we are doing that.

[Stefano: use virtio_transport_has_space() instead of duplicating the code]
[Stefano: tweak the commit message]
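The underflow described above, reproduced in a user-space C model. This is an added example, not the kernel patch or code from this advisory. The struct `credit_state`, the function names and the sample values are constructed, and the clamped variant is an assumed way of handling the case, not a copy of virtio_transport_has_space().

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed user-space model; field names follow the advisory text. */
struct credit_state {
    uint32_t peer_buf_alloc; /* buffer size advertised by the peer */
    uint32_t tx_cnt;         /* total bytes sent (free-running counter) */
    uint32_t peer_fwd_cnt;   /* total bytes the peer reports as consumed */
};

/* The calculation quoted in the advisory: every step is unsigned. */
static uint32_t credit_unsigned(const struct credit_state *s)
{
    return s->peer_buf_alloc - (s->tx_cnt - s->peer_fwd_cnt);
}

/* Assumed hardened form: keep the wrap-safe in-flight count, do the final
 * subtraction in a wider signed type and clamp negative results to zero. */
static uint32_t credit_clamped(const struct credit_state *s)
{
    uint32_t in_flight = s->tx_cnt - s->peer_fwd_cnt; /* valid across wrap */
    int64_t space = (int64_t)s->peer_buf_alloc - (int64_t)in_flight;

    return space < 0 ? 0 : (uint32_t)space;
}

/* Constructed scenario: 48 KiB in flight against a 64 KiB window,
 * then the peer shrinks its advertised buffer to 16 KiB. */
static struct credit_state shrink_scenario(void)
{
    struct credit_state s = { 65536, 49152, 0 };

    s.peer_buf_alloc = 16384;
    return s;
}

int main(void)
{
    struct credit_state s = shrink_scenario();

    printf("unsigned: %u\n", (unsigned)credit_unsigned(&s));
    printf("clamped:  %u\n", (unsigned)credit_clamped(&s));
    return 0;
}
```

The inner subtraction stays unsigned on purpose: tx_cnt and peer_fwd_cnt are free-running counters, so their difference is only correct modulo 2^32.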

Impact