CVE Catalog

CVE-2026-52928

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.16%

6th percentile — higher than 6% of all known CVEs

Summary

A vulnerability was found in the Linux kernel's AF_UNIX socket implementation. The SIOCATMARK ioctl, which reports the urgent mark position for MSG_OOB, was accessible for all socket types, even though MSG_OOB is only supported for SOCK_STREAM. Now, for SOCK_DGRAM and SOCK_SEQPACKET sockets, it returns -EOPNOTSUPP.

Risk Assessment

Organizations may experience incorrect behavior in applications using AF_UNIX sockets of type SOCK_DGRAM or SOCK_SEQPACKET, which could misinterpret the receive queue state as containing urgent data, leading to logic errors or unexpected behavior.

Recommendation

It is recommended to immediately update the Linux kernel to a version containing the fix (commit 3f3f2e0e1a5c in the mainline branch or appropriate backports for your distribution). Reboot the system after the update.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: af_unix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSG_OOB. In AF_UNIX, MSG_OOB is supported only for SOCK_STREAM sockets. SOCK_DGRAM and SOCK_SEQPACKET reject MSG_OOB in sendmsg() and recvmsg(), so they should not support SIOCATMARK either. Return -EOPNOTSUPP for non-stream sockets before checking the receive queue.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS