UBUNTU-CVE-2026-45536

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...

CVE-2026-45536

CVE-2026-45536 affects Netty, specifically Unix-domain socket fd reception in netty_unix_socket_recvFd. Prior to versions 4.1.135.Final and 4.2.15.Final, a peer-sent SCM_RIGHTS message containing two fds can cause both descriptors to leak due to a mismatch between cmsg_len checks and the actual f...

CVE-2026-45536 Netty: Unix-socket fd receive leaks descriptors when peer sends two at once

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...

EUVD-2026-36439

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvFd sets msgcontrol to char controlCMSGSPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCMRIGHTS cmsg carrying two ints has...

Linux Distros Unpatched Vulnerability : CVE-2026-45536

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, nettyunixsocketrecvF...

PT-2026-47581

netty unix socket recvFd sets msg control to char controlCMSG SPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCM RIGHTS cmsg carrying two ints has cmsg len = CMSG LEN8 = 24, which fits exactly with no MSG CTRUNC, so the kernel installs both fds in the receiving process. The...

PT-2026-47608

Name of the Vulnerable Software and Affected Versions Netty affected versions not specified Description A file descriptor leak occurs in the netty unix socket recvFd function when a peer sends two file descriptors simultaneously via an SCM RIGHTS control message. The system allocates a control...

USN-7953-1 php7.2, php7.4, php8.1, php8.3, php8.4 vulnerabilities

It was discovered that PHP incorrectly handled memory while reading images in multi-chunk mode. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.04 and Ubuntu 25.10. CVE-2025-14177 It was discovered that PHP incorrectl...

Google Chrome 访问控制错误漏洞

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A data validation insufficiency vulnerability exists in Google Chrome versions prior to 89.0.4389.72 in read mode. An attacker can leak cross-origin data via a...

DEBIAN-CVE-2018-11506

The srdoioctl function in drivers/scsi/srioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as...

UBUNTU-CVE-2018-11506

The srdoioctl function in drivers/scsi/srioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service stack-based buffer overflow or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as...

VulnCheck KEV: CVE-2018-1000049

Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled...

Mozilla Firefox Interface Forgery Vulnerability

Mozilla Firefox is an open source web browser. A security vulnerability exists in Mozilla Firefox when the program is enabled in read mode, which allows remote attackers to exploit the vulnerability to forge relationships between address-bar URLs and Web content...