Lucene search
K

378 matches found

RedhatCVE
RedhatCVE
added 6 days ago12 views

CVE-2026-53361

A flaw was found in the Linux kernel's afunix component. A race condition exists within the unixgc garbage collection function where the gcinprogress flag may not be correctly set. This could lead to unixpeekfpl misinterpreting garbage collection status when handling MSGPEEK operations, potential...

7CVSS5.9AI score0.00171EPSS
Exploits0References4
Debian CVE
Debian CVE
added last week7 views

CVE-2026-53361

In the Linux kernel, the following vulnerability has been resolved: afunix: Set gcinprogress to true in unixgc. Igor Ushakov reported that unixgc could run with gcinprogress being false if the work is scheduled while running: Thread 1 Thread 2 Thread 3 -------- -------- -------- unixschedulegc...

5.8AI score0.00171EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53005

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd,...

7.8CVSS6AI score0.00129EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/24 8:44 p.m.7 views

CVE-2026-52928

A flaw was found in the Linux kernel's afunix component. This vulnerability involves the incorrect handling of the SIOCATMARK operation when used with non-stream sockets, such as SOCKDGRAM and SOCKSEQPACKET. These socket types did not properly reject SIOCATMARK, an operation intended only for...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38902

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix afunix null-ptr-deref in proto update unixstreamconnect sets skstate WRITEONCEsk-skstate, TCPESTABLISHED before it assigns a peer unixpeersk = newsk. skstate == TCPESTABLISHED makes sockmapskstateallowed believe...

5.6AI score0.0018EPSS
Exploits0References7
NVD
NVD
added 2026/06/24 5:17 p.m.7 views

CVE-2026-53033

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Take state lock for afunix iter When a BPF iterator program updates a sockmap, there is a race condition in unixstreambpfupdateproto where the peer pointer can become stale1 during a state transition TCPESTABLISHED ...

7.8CVSS0.00133EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 8:16 a.m.19 views

CVE-2026-52928

In the Linux kernel, the following vulnerability has been resolved: afunix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSGOOB. In AFUNIX, MSGOOB is supported only for SOCKSTREAM sockets. SOCKDGRAM and SOCKSEQPACKET reject MSGOOB ...

5.5CVSS0.00114EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-52928

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afunix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSGOOB. In AFUNIX, MSGOOB is supported on...

5.5CVSS6AI score0.00114EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.15

A vulnerability, classified as problematic, has been identified in the Linux kernel. This issue affects the functions unixsockdestructor/unixreleasesock in the file net/unix/afunix.c of the BPF component. The manipulation leading to this issue results in a memory leak. It is recommended that a...

5.5CVSS6AI score0.0026EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/02 3:27 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: afunix: Do not use GC if MSGPEEK occurred. Igor Ushakov reported that GC purged the receive queue of a live socket due to a race with MSGPEEK, with a fix provided. This is exactly the same issue that was previously fixed in the...

4.7CVSS5.8AI score0.00089EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.11 views

SUSE CVE-2026-45887

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...

5.8AI score0.00153EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 3:7 a.m.16 views

CVE-2026-45887

A flaw was found in the Linux kernel's afunix subsystem. This vulnerability, a memory leak, occurs in the unixstreamconnect function when a specific internal operation fails to release allocated memory. Over time, this unreleased memory could accumulate, potentially leading to system instability ...

5.5CVSS5.8AI score0.00153EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.15 views

CVE-2026-45887

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...

5.5CVSS0.00153EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 2:17 p.m.11 views

UBUNTU-CVE-2026-45887

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...

5.5CVSS5.7AI score0.00153EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 12:16 p.m.19 views

CVE-2026-45887

CVE-2026-45887 affects the Linux kernel af_unix subsystem's unix_stream_connect() path. Root cause: if prepare_peercred() fails, unix_release_sock() is not called for the new socket (newsk), causing a memory leak. Impact: potential DoS or instability due to unreleased memory. Remediation: move pr...

5.5CVSS5.8AI score0.00153EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 12:16 p.m.15 views

CVE-2026-45887

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...

5.5CVSS5.7AI score0.00153EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.0 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: afunix: Fixed data races related to user-unixinflight. user-unixinflight is updated under spinlockunixgclock, but toomanyunixfds reads it without locking. Let’s annotate the write/read accesses to user-unixinflight. BUG: KCSAN...

4.7CVSS6.2AI score0.0011EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: afunix: Fixed a data race in unixdgrampeerwakeme. unixdgrampoll calls unixdgrampeerwakeme without ensuring that the other lock is held, and without checking whether the receive queue is full. In this case, we need to use...

4.7CVSS6.1AI score0.00186EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: disabling the sending of iouring via sockets File reference cycles have caused many problems for iouring in the past. It still doesn’t work correctly, and it causes races with unixstreamreadgeneric. The safest...

4.7CVSS6.1AI score0.00795EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: afunix: fixed the issue of struct pid leaks in OOB support. The issue arises from queueoob calling maybeaddcreds, which potentially holds a reference to a pid. However, the destructor of skb is not set either directly or by...

7.1CVSS6.4AI score0.00158EPSS
Exploits0References2
Rows per page
Query Builder