322 matches found
ROOT-APP-MAVEN-CVE-2026-42577 CVE-2026-42577 in io.root.io.netty:netty-transport-native-epoll - Patched by Root
Root has patched CVE-2026-42577 in the io.root.io.netty:netty-transport-native-epoll package for Root:Maven. Multiple fixed versions available...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerabilities have been resolved: locking/qrwlock: Fixed the ordering in queuedwritelockslowpath While this code is executed with waitlock held, a reader can acquire the lock without holding waitlock. The writer side loops checking the value using...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: epoll: Be more careful regarding the lifetime of file pointers. epoll may call vfspoll with a file pointer that may race with the last fput. This would cause fcount to decrease to zero. While the ep-mtx locking ensures that th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: afunix: Clearing stale u-oobskb. Syzkaller began reporting a deadlock of unixgclock after the commit 4090fa373f0. However, this only reveals the bug that had been present since the commit 314001f0bf92 “afunix: Adding OOB support”...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: List: Fixed a data race around ep-rdllist. The eppoll function first calls epeventsavailable without holding a lock and checks if ep-rdllist is empty using listemptycareful, which reads from rdllist-prev. Therefore, all access...
SUSE CVE-2026-45536
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 - 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
CVE-2026-45536
CVE-2026-45536 affects Netty, specifically Unix-domain socket fd reception in netty_unix_socket_recvFd. Prior to versions 4.1.135.Final and 4.2.15.Final, a peer-sent SCM_RIGHTS message containing two fds can cause both descriptors to leak due to a mismatch between cmsg_len checks and the actual f...
CVE-2026-45536 Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
ai.ancf.lmos-router:benchmarks (>=0.2.0 <=0.28.0), ai.ancf.lmos-router:lmos-router-hybrid (>=0.2.0 <=0.28.0) +12829 more potentially affected by CVE-2026-45536 via io.netty:netty-transport-native-epoll (>=4.0.21.Final <=4.1.134.Final)
io.netty:netty-transport-native-epoll MAVEN version =4.0.21.Final, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid =0.1.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm =0.1.0 -...
Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has cmsglen = CMSGLEN8 = 24, which fits exactly with no MSGCTRUNC, so the kernel installs both fds in the receiving process. The subsequent che...
PT-2026-47608
Name of the Vulnerable Software and Affected Versions Netty affected versions not specified Description A file descriptor leak occurs in the netty unix socket recvFd function when a peer sends two file descriptors simultaneously via an SCM RIGHTS control message. The system allocates a control...
CVE-2026-42577
Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...
EUVD-2026-33459
In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix epremove struct eventpoll / struct file UAF epremove via epremovefile cleared file-fep under file-flock but then kept using @file inside the critical section isfileepoll, hlistdelrcu through the head, spinunlock. A...
CVE-2026-46242
Summary (CVE-2026-46242) : The Linux kernel contains a fix for a UAF in eventpoll related to ep_remove. The bug arose when ep_remove_file() cleared file->f_ep under file->f_lock but continued using @file inside the critical section, allowing a concurrent path to reach freed memory via f_op-...
PT-2026-45095
Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.4 through 6.12.67 Description A race condition in the eventpoll epoll subsystem allows an unprivileged local user to escalate privileges to root. The issue is a use-after-free UAF condition where ep remove via ep remove...
CVE-2026-46015
A flaw was found in the Linux kernel's TCP networking subsystem. When an established network connection is migrated between listener sockets within the same SOREUSEPORT group, applications waiting for new connections may not be properly notified. This can cause poll, epollwait, and blocking accep...
EUVD-2026-32396
In the Linux kernel, the following vulnerability has been resolved: tcp: call skdataready after listener migration When inetcsklistenstop migrates an established child socket from a closing listener to another socket in the same SOREUSEPORT group, the target listener gets a new accept-queue entry...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the tcp listener to call skdataready after migration, potentially causing poll/epo...
Linux Distros Unpatched Vulnerability : CVE-2026-46015
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcp: call skdataready after listener migration When inetcsklistenstop migrates an established child socket from a closing listener to another socket in the same...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: eventpoll: Fixed semi-unbounded recursion. Ensured that epoll instances never form a graph with more than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is free of loops and performs some recursion depth...