Description
In the Linux kernel, the following vulnerability has been resolved:

af_unix: Fix memleak of newsk in unix_stream_connect().

When prepare_peercred() fails in unix_stream_connect(),
unix_release_sock() is not called for newsk, and the memory
is leaked.

Let's move prepare_peercred() before unix_create1().
Published: 2026-05-27
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A memory leak occurs in the Linux kernel’s af_unix module when a connection attempt to a Unix domain socket fails during prepare_peercred(). The failure prevents the new socket structure from being released, so the kernel retains the allocation. Over time, repeated failures can exhaust system memory and lead to instability or a denial of service. The weakness is a missing release of a resource after its effective lifetime (CWE-772).
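
The ordering problem in the description and the exhaustion effect described under Impact, as a userspace C model added here as an example (it is not kernel source and not part of the patch). The `model_*` helpers are hypothetical stand-ins for unix_create1(), unix_release_sock() and prepare_peercred(), and the 64-slot pool is an assumed stand-in for finite kernel memory.

```c
/* Userspace model, constructed for illustration; not kernel source. model_* are
 * hypothetical stand-ins for unix_create1(), unix_release_sock(), prepare_peercred(). */
#include <errno.h>
#include <stdio.h>

#define POOL_SLOTS 64      /* assumed: finite "memory" available for model socks */
static int live_socks;     /* slots allocated and not yet released */
static int cred_fails;     /* nonzero: the credential step fails */
static int model_create1(void) { return live_socks < POOL_SLOTS ? ++live_socks : 0; }
static void model_release(void) { live_socks--; }
static int model_prepare_peercred(void) { return cred_fails ? -ENOMEM : 0; }

int connect_before_fix(void)   /* leaky order: allocate newsk, then the fallible step */
{
    int newsk = model_create1();
    if (!newsk)
        return -ENOMEM;        /* pool exhausted */
    if (model_prepare_peercred() < 0)
        return -ENOMEM;        /* returns without model_release(): slot stays taken */
    model_release();           /* model only: a successful connect is torn down at once */
    return 0;
}

int connect_after_fix(void)    /* fixed order: the fallible step runs before allocation */
{
    if (model_prepare_peercred() < 0)
        return -ENOMEM;        /* nothing allocated yet, nothing to unwind */
    if (!model_create1())
        return -ENOMEM;
    model_release();
    return 0;
}

int leaked_after(int (*connect_fn)(void), int attempts)  /* slots held after failing connects */
{
    live_socks = 0;
    cred_fails = 1;            /* every attempt fails at the credential step */
    for (int i = 0; i < attempts; i++)
        connect_fn();
    cred_fails = 0;            /* later connects are well-formed again */
    return live_socks;
}

int main(void)
{
    int n = leaked_after(connect_before_fix, 1000);
    printf("before fix: %d slots leaked, next connect returns %d\n", n, connect_before_fix());
    n = leaked_after(connect_after_fix, 1000);
    printf("after fix:  %d slots leaked, next connect returns %d\n", n, connect_after_fix());
}
```

In the model, the leaky ordering drains the whole pool, after which even a connect whose credential step succeeds is refused; with the reordered version the same failures leave nothing held.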

Affected Systems

The vulnerability affects the Linux kernel; the specific kernel version is not listed in the data, so any installation containing the unpatched af_unix code is potentially vulnerable. Administrators should review the kernel build to confirm whether the patch that moves prepare_peercred() before unix_create1() has been applied.

Risk and Exploitability

The CVSS score is 5.5, the EPSS score is < 1%, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector requires the ability to trigger a Unix socket connection that follows the vulnerable code path, which can be accomplished locally or, if an exposed service uses Unix sockets, remotely. The risk is moderate to high for systems that handle many Unix socket connections, as resource exhaustion could be achieved with repeated failures, but public exploitation evidence is lacking.

Generated by OpenCVE AI on May 28, 2026 at 17:05 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Linux kernel update that includes the af_unix memory‑leak fix
  • Restrict or quarantine services that create or accept Unix domain sockets to limit attack exposure
  • Monitor system memory usage for unusual growth patterns that may indicate a socket‑related memory leak

Advisories

No advisories yet.

History

Thu, 28 May 2026 15:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Thu, 28 May 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-772
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low


Wed, 27 May 2026 16:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-401

Wed, 27 May 2026 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix memleak of newsk in unix_stream_connect(). When prepare_peercred() fails in unix_stream_connect(), unix_release_sock() is not called for newsk, and the memory is leaked. Let's move prepare_peercred() before unix_create1().
Title af_unix: Fix memleak of newsk in unix_stream_connect().
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-27T12:16:58.720Z

Reserved: 2026-05-13T15:03:33.082Z

Link: CVE-2026-45887

Vulnrichment

No data.

NVD

Status: Awaiting Analysis

Published: 2026-05-27T14:17:02.713

Modified: 2026-05-27T14:48:31.480

Link: CVE-2026-45887

Redhat

Severity: Low

Public Date: 2026-05-27T00:00:00Z

Links: CVE-2026-45887 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-28T17:15:21Z

Weaknesses
  • CWE-772

    Missing Release of Resource after Effective Lifetime