CVE-2026-52928

A flaw was found in the Linux kernel's afunix component. This vulnerability involves the incorrect handling of the SIOCATMARK operation when used with non-stream sockets, such as SOCKDGRAM and SOCKSEQPACKET. These socket types did not properly reject SIOCATMARK, an operation intended only for...

EUVD-2026-38902

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix afunix null-ptr-deref in proto update unixstreamconnect sets skstate WRITEONCEsk-skstate, TCPESTABLISHED before it assigns a peer unixpeersk = newsk. skstate == TCPESTABLISHED makes sockmapskstateallowed believe...

CVE-2026-53033

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Take state lock for afunix iter When a BPF iterator program updates a sockmap, there is a race condition in unixstreambpfupdateproto where the peer pointer can become stale1 during a state transition TCPESTABLISHED ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: afunix: Fixed data races related to user-unixinflight. user-unixinflight is updated under spinlockunixgclock, but toomanyunixfds reads it without locking. Let’s annotate the write/read accesses to user-unixinflight. BUG: KCSAN...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: afunix: Fixed a data race in unixdgrampeerwakeme. unixdgrampoll calls unixdgrampeerwakeme without ensuring that the other lock is held, and without checking whether its receive queue is full. In this case, we need to use...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: afunix: fixed the issue of struct pid leaks in OOB support. The issue arises from queueoob calling maybeaddcreds, which potentially holds a reference to a pid. However, the destructor of skb is not set either directly or by...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: afunix: Do not use GC if MSGPEEK occurred. Igor Ushakov reported that GC purged the receive queue of a live socket due to a race with MSGPEEK, with a fix provided. This is exactly the same issue that was previously fixed in the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: disabling the sending of iouring via sockets File reference cycles have caused many problems for iouring in the past. It still doesn’t work correctly, and it causes race conditions with unixstreamreadgeneric. The...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: afunix: Fixed data race conditions in unixreleasesock/unixstreamsendmsg. A data race condition was identified in afunix. In one data path, the write function unixreleasesock atomically writes to sk-skshutdown using WRITEONCE...

SUSE CVE-2026-45887

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...

CVE-2026-45887

A flaw was found in the Linux kernel's afunix subsystem. This vulnerability, a memory leak, occurs in the unixstreamconnect function when a specific internal operation fails to release allocated memory. Over time, this unreleased memory could accumulate, potentially leading to system instability ...

CVE-2026-45887

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...

UBUNTU-CVE-2026-45887

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...

CVE-2026-45887

CVE-2026-45887 affects the Linux kernel af_unix subsystem's unix_stream_connect() path. Root cause: if prepare_peercred() fails, unix_release_sock() is not called for the new socket (newsk), causing a memory leak. Impact: potential DoS or instability due to unreleased memory. Remediation: move pr...

CVE-2026-45887

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...

Astra Linux - уязвимость в linux-5.15

A vulnerability, classified as problematic, has been identified in the Linux kernel. This issue affects the functions unixsockdestructor/unixreleasesock in the file net/unix/afunix.c of the BPF component. The manipulation leading to this issue results in a memory leak. It is recommended that a...

CVE-2026-31673 af_unix: read UNIX_DIAG_VFS data under unix_state_lock

In the Linux kernel, the following vulnerability has been resolved: afunix: read UNIXDIAGVFS data under unixstatelock Exact UNIX diag lookups hold a reference to the socket, but not to u-path. Meanwhile, unixreleasesock clears u-path under unixstatelock and drops the path reference after unlockin...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011383)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011383 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into accoun...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007247)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007247 advisory. In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: disable sending iouring over sockets File reference cycles have caused lots of...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007286)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007286 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into accoun...