950 matches found
CVE-2026-54786
Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fdrenumber function where the...
CVE-2026-54786
Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fdrenumber function where the...
CVE-2026-40209 Denial of service via IXFR queries
An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...
Linux Distros Unpatched Vulnerability : CVE-2026-53005
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd,...
CVE-2026-52814
Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Gogs built-in Go SSH server is vulnerable to an unauthenticated, asymmetric Denial of Service DoS attack. The application accepts inbound TCP connections and passes them to golang.org/x/crypto/ssh.NewServerConn inside a new...
CVE-2026-53005
In the Linux kernel, the following vulnerability has been resolved: afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd, skpsockverdictdataready looks up the mapped socket and enqueue skb to its...
CVE-2026-53005
CVE-2026-53005 affects the Linux kernel af_unix SOCKMAP feature. The issue arises from improper handling of SCM attributes when data is passed to SOCKMAP, enabling a use-after-free and inflight-file-descriptor leaks due to inability of GC paths to inspect psock queues after skb redirection. Multi...
PT-2026-51899
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.0-rc7 Description An issue exists in the af unix component where SOCKMAP can hide inflight file descriptors from the AF UNIX Garbage Collector GC. When a socket in SOCKMAP receives a socket buffer skb with an...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fixed stale file descriptors when a usercopy fails. A failed usercopy of the fencerep object will result in a stale entry in the file descriptor table, as putunusedfd will not release that entry. This allows userland ...
SUSE CVE-2026-45536
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 - 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
CVE-2026-45536
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
UBUNTU-CVE-2026-45536
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
EUVD-2026-36439
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
CVE-2026-45536 Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
CVE-2026-45536 Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...
CVE-2026-45536
CVE-2026-45536 affects Netty, specifically Unix-domain socket fd reception in netty_unix_socket_recvFd. Prior to versions 4.1.135.Final and 4.2.15.Final, a peer-sent SCM_RIGHTS message containing two fds can cause both descriptors to leak due to a mismatch between cmsg_len checks and the actual f...
Linux Distros Unpatched Vulnerability : CVE-2026-45536
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvF...
CVE-2026-46693
Summary : CVE-2026-46693 affects ImageMagick’s distributed pixel cache server. A race condition can allow a privileged attacker who can connect to a magick -distribute-cache service to hijack a file descriptor in the server process. The issue is specifically tied to the distributed cache mechanis...
GHSA-W573-9FFJ-6FF9 Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has cmsglen = CMSGLEN8 = 24, which fits exactly with no MSGCTRUNC, so the kernel installs both fds in the receiving process. The subsequent che...
Missing Release of Resource after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime in the nettyunixsocketrecvFd function. An attacker can cause file descriptor leaks by sending two file descriptors at once via a Unix domain socket, leading to resource exhaustion and...