955 matches found
CVE-2026-54786
A flaw was found in Wasmtime, a runtime for WebAssembly. Its native implementation of WASIp1, a system interface for WebAssembly, contains a resource leak in the fdrenumber function. A malicious guest program can repeatedly call this function, causing the host system to exhaust its file descripto...
CVE-2026-54786
Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fdrenumber function where the...
CVE-2026-54786
Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fdrenumber function where the...
CVE-2026-40209 Denial of service via IXFR queries
An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...
CVE-2026-40209 Denial of service via IXFR queries
An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...
Linux Distros Unpatched Vulnerability : CVE-2026-53005
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd,...
CVE-2026-52814
Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Gogs built-in Go SSH server is vulnerable to an unauthenticated, asymmetric Denial of Service DoS attack. The application accepts inbound TCP connections and passes them to golang.org/x/crypto/ssh.NewServerConn inside a new...
CVE-2026-53005
In the Linux kernel, the following vulnerability has been resolved: afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd, skpsockverdictdataready looks up the mapped socket and enqueue skb to its...
CVE-2026-53005
CVE-2026-53005 affects the Linux kernel af_unix SOCKMAP feature. The issue arises from improper handling of SCM attributes when data is passed to SOCKMAP, enabling a use-after-free and inflight-file-descriptor leaks due to inability of GC paths to inspect psock queues after skb redirection. Multi...
CVE-2026-53005 af_unix: Drop all SCM attributes for SOCKMAP.
In the Linux kernel, the following vulnerability has been resolved: afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd, skpsockverdictdataready looks up the mapped socket and enqueue skb to its...
PT-2026-51899
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.0-rc7 Description An issue exists in the af unix component where SOCKMAP can hide inflight file descriptors from the AF UNIX Garbage Collector GC. When a socket in SOCKMAP receives a socket buffer skb with an...
SUSE CVE-2026-45536
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 - 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
CVE-2026-45536
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
UBUNTU-CVE-2026-45536
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
EUVD-2026-36439
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
CVE-2026-45536
CVE-2026-45536 affects Netty, specifically Unix-domain socket fd reception in netty_unix_socket_recvFd. Prior to versions 4.1.135.Final and 4.2.15.Final, a peer-sent SCM_RIGHTS message containing two fds can cause both descriptors to leak due to a mismatch between cmsg_len checks and the actual f...
CVE-2026-45536 Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
CVE-2026-45536 Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
CVE-2026-45536 Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
Linux Distros Unpatched Vulnerability : CVE-2026-45536
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvF...