Impact
The af_unix subsystem in the Linux kernel previously performed the SIOCATMARK ioctl on sockets that were not of type SOCK_STREAM. This ioctl reports whether the receive queue has reached the urgent mark for MSG_OOB data, a feature that is only supported for stream sockets. The kernel incorrectly allowed the ioctl to proceed on SOCK_DGRAM and SOCK_SEQPACKET sockets, potentially returning misleading information or causing unrelated kernel logic to react to the call. The applied patch adds a precheck that returns –EOPNOTSUPP for non‑stream sockets, aligning the behaviour with the existing rejection in sendmsg() and recvmsg() and preventing the ioctl from succeeding when it is undefined. The weakness is classified as CWE‑1287, representing improper kernel interface or misuse of system calls.
Affected Systems
All releases of the Linux kernel that contain the af_unix implementation before the patch are affected. The bug is present on every kernel version that has not yet integrated the change, regardless of distribution or version number. The patch is distributed through the official kernel source and is incorporated into subsequent kernel releases.
Risk and Exploitability
The CVSS score is 5.5. The issue is a defensive programming bug that resulted in returning an appropriate error code rather than exposing a memory or control‑flow vulnerability. No known exploitation methods exist, and the EPSS score is < 1%. The vulnerability is not listed in the CISA KEV catalog, indicating a low likelihood of real‑world exploitation. Based on the description, it is inferred that the likely attack vector is a local or unprivileged user intentionally calling SIOCATMARK on a non‑stream socket, which would simply result in an EOPNOTSUPP error rather than compromise.
OpenCVE Enrichment