CVE-2026-46207

In the Linux kernel, the following vulnerability has been resolved:

vsock/virtio: fix empty payload in tap skb for non-linear buffers

For non-linear skbs, virtio transport build skb() goes through virtio transport copy nonlinear skb() to copy the original payload in the new skb to be delivered to the vsockmon tap device. This manually initializes an iov iter but does not set iov iter.count. Since the iov iter is zero-initialized, the copy length is zero and no payload is actually copied to the monitor interface, leaving data un-initialized.

Fix this by removing the linear vs non-linear split and using skb copy datagram iter() with iov iter kvec() for all cases, as vhost-vsock already does. This handles both linear and non-linear skbs, properly initializes the iov iter, and removes the now unused virtio transport copy nonlinear skb().

While touching this code, let's also check the return value of skb copy datagram iter(), even though it's unlikely to fail.