Understanding the new AF_VSOCK Linux kernel vulnerability

Understanding the new AF_VSOCK Linux kernel vulnerabilityThe discovery of a new Linux kernel vulnerability is not a major surprise in its own right. It happens all the time. However, sometimes it appears as if, whenever a security researcher goes looking, the researcher discovers a new, serious vulnerability in the Linux kernel – and that it happens just too often for comfort.

This February, a new vulnerability was reported in a relatively obscure corner of the Linux kernel – in a function that facilitates communications between virtual machine host and guest. Though just discovered, it is already listed as CVE-2021-26708.

In this article we outline the vulnerability, explain how it emerged, and point to the potential risks the new vulnerability holds.

Continue reading “Understanding the new AF_VSOCK Linux kernel vulnerability”