CVE-2026-45887
MEDIUMaf_unix: Fix memleak of newsk in unix_stream_connect().
Title source: cnaDescription
In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix memleak of newsk in unix_stream_connect(). When prepare_peercred() fails in unix_stream_connect(), unix_release_sock() is not called for newsk, and the memory is leaked. Let's move prepare_peercred() before unix_create1().
Scores
CVSS v3
5.5
EPSS
0.0015
EPSS Percentile
4.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-401
Status
published
Products (11)
linux/Kernel
6.16.0 - 6.18.14linux
linux/Kernel
6.19.0 - 6.19.4linux
Linux/Linux
< 6.16
Linux/Linux
6.16
Linux/Linux
6.18.14 - 6.18.*
Linux/Linux
6.19.4 - 6.19.*
Linux/Linux
7.0
Linux/Linux
fd0a109a0f6b7524543d17520da92a44a9f5343c - 365996a2b14d07caa9e33d367b67ea26c09d89b4
Linux/Linux
fd0a109a0f6b7524543d17520da92a44a9f5343c - 6884028cd7f275f8bcb854a347265cb1fb0e4bea
Linux/Linux
fd0a109a0f6b7524543d17520da92a44a9f5343c - a5d95d7caba0160fb7b2b8d2bd96d5a1be861d9f
... and 1 more
Published
May 27, 2026
Tracked Since
May 27, 2026