Lucene search
K

6 matches found

OSV
OSV
added 2026/04/25 8:46 a.m.3 views

CVE-2026-31673 af_unix: read UNIX_DIAG_VFS data under unix_state_lock

In the Linux kernel, the following vulnerability has been resolved: afunix: read UNIXDIAGVFS data under unixstatelock Exact UNIX diag lookups hold a reference to the socket, but not to u-path. Meanwhile, unixreleasesock clears u-path under unixstatelock and drops the path reference after unlockin...

7.8CVSS6.2AI score0.00121EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/04/25 8:46 a.m.35 views

CVE-2026-31673 af_unix: read UNIX_DIAG_VFS data under unix_state_lock

In the Linux kernel, the following vulnerability has been resolved: afunix: read UNIXDIAGVFS data under unixstatelock Exact UNIX diag lookups hold a reference to the socket, but not to u-path. Meanwhile, unixreleasesock clears u-path under unixstatelock and drops the path reference after unlockin...

7.8CVSS0.00121EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/04/25 8:46 a.m.6 views

CVE-2026-31673

In the Linux kernel, the following vulnerability has been resolved: afunix: read UNIXDIAGVFS data under unixstatelock Exact UNIX diag lookups hold a reference to the socket, but not to u-path. Meanwhile, unixreleasesock clears u-path under unixstatelock and drops the path reference after unlockin...

7.8CVSS5.2AI score0.00121EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/04/25 8:46 a.m.29 views

CVE-2026-31673

The connected sources describe a Linux kernel vulnerability CVE-2026-31673 in the af_unix/UNIX_DIAG_VFS path. A race condition can occur when reading inode and device numbers for UNIX_DIAG_VFS without holding unix_state_lock consistently while u->path may be cleared by unix_release_sock(). The...

7.8CVSS5.3AI score0.00121EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.7 views

PT-2026-35133

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the af unix module where exact UNIX diag lookups hold a reference to the socket but not to u-path. The unix release sock function clears u-path under the unix state lo...

7.8CVSS5.5AI score0.00121EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/02/27 3:11 a.m.4 views

SUSE CVE-2022-49147

In the Linux kernel, the following vulnerability has been resolved: block: Fix the maximum minor value is blkallocextminor idaallocrange..., min, max, ... returns values from min to max, inclusive. So, NREXTDEVT is a valid idx returned by blkallocextminor. This is an issue because in deviceadddis...

5.5CVSS6.5AI score0.00245EPSS
Exploits0References7
Rows per page
Query Builder