CVE-2026-45887
published 2026-05-27CVE-2026-45887: In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix memleak of newsk in unix_stream_connect(). When prepare_peercred() fails in…
medium5.5
In the Linux kernel, the following vulnerability has been resolved:
af_unix: Fix memleak of newsk in unix_stream_connect().
When prepare_peercred() fails in unix_stream_connect(),
unix_release_sock() is not called for newsk, and the memory
is leaked.
Let's move prepare_peercred() before unix_create1().
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux | — | — |
| linux | linux | >= fd0a109a0f6b7524543d17520da92a44a9f5343c < 365996a2b14d07caa9e33d367b67ea26c09d89b4 | 365996a2b14d07caa9e33d367b67ea26c09d89b4 |
| linux | linux | >= fd0a109a0f6b7524543d17520da92a44a9f5343c < a5d95d7caba0160fb7b2b8d2bd96d5a1be861d9f | a5d95d7caba0160fb7b2b8d2bd96d5a1be861d9f |
| linux | linux | >= fd0a109a0f6b7524543d17520da92a44a9f5343c < 6884028cd7f275f8bcb854a347265cb1fb0e4bea | 6884028cd7f275f8bcb854a347265cb1fb0e4bea |
| linux | linux_kernel | — | — |