CVE-2026-46214

In the Linux kernel, the following vulnerability has been resolved:

vsock/virtio: fix accept queue count leak on transport mismatch

virtio transport recv listen() calls sk acceptq added() before vsock assign transport(). If vsock assign transport() fails or selects a different transport, the error path returns without calling sk acceptq removed(), permanently incrementing sk ack backlog.

After approximately backlog+1 such failures, sk acceptq is full() returns true, causing the listener to reject all new connections.

Fix by moving sk acceptq added() to after the transport validation, matching the pattern used by vmci transport and hyperv transport.