CVE-2026-31673 af_unix: read UNIX_DIAG_VFS data under unix_state_lock

In the Linux kernel, the following vulnerability has been resolved: afunix: read UNIXDIAGVFS data under unixstatelock Exact UNIX diag lookups hold a reference to the socket, but not to u-path. Meanwhile, unixreleasesock clears u-path under unixstatelock and drops the path reference after unlockin...

CVE-2026-31673

In the Linux kernel, the following vulnerability has been resolved: afunix: read UNIXDIAGVFS data under unixstatelock Exact UNIX diag lookups hold a reference to the socket, but not to u-path. Meanwhile, unixreleasesock clears u-path under unixstatelock and drops the path reference after unlockin...

CVE-2026-31673

The connected sources describe a Linux kernel vulnerability CVE-2026-31673 in the af_unix/UNIX_DIAG_VFS path. A race condition can occur when reading inode and device numbers for UNIX_DIAG_VFS without holding unix_state_lock consistently while u->path may be cleared by unix_release_sock(). The...

PT-2026-35133

In the Linux kernel, the following vulnerability has been resolved: af unix: read UNIX DIAG VFS data under unix state lock Exact UNIX diag lookups hold a reference to the socket, but not to u-path. Meanwhile, unix release sock clears u-path under unix state lock and drops the path reference after...

SUSE CVE-2022-49147

In the Linux kernel, the following vulnerability has been resolved: block: Fix the maximum minor value is blkallocextminor idaallocrange..., min, max, ... returns values from min to max, inclusive. So, NREXTDEVT is a valid idx returned by blkallocextminor. This is an issue because in deviceadddis...