378 matches found
CVE-2026-53361
A flaw was found in the Linux kernel's afunix component. A race condition exists within the unixgc garbage collection function where the gcinprogress flag may not be correctly set. This could lead to unixpeekfpl misinterpreting garbage collection status when handling MSGPEEK operations, potential...
CVE-2026-53361
In the Linux kernel, the following vulnerability has been resolved: afunix: Set gcinprogress to true in unixgc. Igor Ushakov reported that unixgc could run with gcinprogress being false if the work is scheduled while running: Thread 1 Thread 2 Thread 3 -------- -------- -------- unixschedulegc...
Linux Distros Unpatched Vulnerability : CVE-2026-53005
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd,...
CVE-2026-52928
A flaw was found in the Linux kernel's afunix component. This vulnerability involves the incorrect handling of the SIOCATMARK operation when used with non-stream sockets, such as SOCKDGRAM and SOCKSEQPACKET. These socket types did not properly reject SIOCATMARK, an operation intended only for...
EUVD-2026-38902
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix afunix null-ptr-deref in proto update unixstreamconnect sets skstate WRITEONCEsk-skstate, TCPESTABLISHED before it assigns a peer unixpeersk = newsk. skstate == TCPESTABLISHED makes sockmapskstateallowed believe...
CVE-2026-53033
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Take state lock for afunix iter When a BPF iterator program updates a sockmap, there is a race condition in unixstreambpfupdateproto where the peer pointer can become stale1 during a state transition TCPESTABLISHED ...
CVE-2026-52928
In the Linux kernel, the following vulnerability has been resolved: afunix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSGOOB. In AFUNIX, MSGOOB is supported only for SOCKSTREAM sockets. SOCKDGRAM and SOCKSEQPACKET reject MSGOOB ...
Linux Distros Unpatched Vulnerability : CVE-2026-52928
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afunix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSGOOB. In AFUNIX, MSGOOB is supported on...
Astra Linux – Vulnerability in Linux 5.15
A vulnerability, classified as problematic, has been identified in the Linux kernel. This issue affects the functions unixsockdestructor/unixreleasesock in the file net/unix/afunix.c of the BPF component. The manipulation leading to this issue results in a memory leak. It is recommended that a...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: afunix: Do not use GC if MSGPEEK occurred. Igor Ushakov reported that GC purged the receive queue of a live socket due to a race with MSGPEEK, with a fix provided. This is exactly the same issue that was previously fixed in the...
SUSE CVE-2026-45887
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...
CVE-2026-45887
A flaw was found in the Linux kernel's afunix subsystem. This vulnerability, a memory leak, occurs in the unixstreamconnect function when a specific internal operation fails to release allocated memory. Over time, this unreleased memory could accumulate, potentially leading to system instability ...
CVE-2026-45887
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...
UBUNTU-CVE-2026-45887
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...
CVE-2026-45887
CVE-2026-45887 affects the Linux kernel af_unix subsystem's unix_stream_connect() path. Root cause: if prepare_peercred() fails, unix_release_sock() is not called for the new socket (newsk), causing a memory leak. Impact: potential DoS or instability due to unreleased memory. Remediation: move pr...
CVE-2026-45887
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: afunix: Fixed data races related to user-unixinflight. user-unixinflight is updated under spinlockunixgclock, but toomanyunixfds reads it without locking. Let’s annotate the write/read accesses to user-unixinflight. BUG: KCSAN...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: afunix: Fixed a data race in unixdgrampeerwakeme. unixdgrampoll calls unixdgrampeerwakeme without ensuring that the other lock is held, and without checking whether the receive queue is full. In this case, we need to use...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: disabling the sending of iouring via sockets File reference cycles have caused many problems for iouring in the past. It still doesn’t work correctly, and it causes races with unixstreamreadgeneric. The safest...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: afunix: fixed the issue of struct pid leaks in OOB support. The issue arises from queueoob calling maybeaddcreds, which potentially holds a reference to a pid. However, the destructor of skb is not set either directly or by...