CVE-2026-52928

Summary

In the Linux kernel, the following vulnerability has been resolved:

af_unix: Reject SIOCATMARK on non-stream sockets

SIOCATMARK reports whether the receive queue is at the urgent mark for MSG_OOB.

In AF_UNIX, MSG_OOB is supported only for SOCK_STREAM sockets. SOCK_DGRAM and SOCK_SEQPACKET reject MSG_OOB in sendmsg() and recvmsg(), so they should not support SIOCATMARK either.

Return -EOPNOTSUPP for non-stream sockets before checking the receive queue.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux314001f0bf927015e459c9d387d62a231fe93af3 < ec123873fdc83e7244c8ed6d17b8f8ea6c416a67affected
LinuxLinux314001f0bf927015e459c9d387d62a231fe93af3 < f085971de6d6b8ef946a5e0bcd73ff24509a0f85affected
LinuxLinux314001f0bf927015e459c9d387d62a231fe93af3 < b741c9c6ef59f17c1f104ddf1217ef77f79ed29baffected
LinuxLinux314001f0bf927015e459c9d387d62a231fe93af3 < 645b1ed3259af38b7814242a420bc2081bdd1eb6affected
LinuxLinux314001f0bf927015e459c9d387d62a231fe93af3 < c34c41446acf6c0d13b5b06c809be11e0f7f2729affected
LinuxLinux314001f0bf927015e459c9d387d62a231fe93af3 < 3147ddf5a41c20c45c2eb69e00b62f10f822056aaffected
LinuxLinux314001f0bf927015e459c9d387d62a231fe93af3 < d119775f2bad827edc28071c061fdd4a91f889a5affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.211 <= 5.15.*unaffected
LinuxLinux6.1.177 <= 6.1.*unaffected
LinuxLinux6.6.144 <= 6.6.*unaffected
LinuxLinux6.12.88 <= 6.12.*unaffected
LinuxLinux6.18.30 <= 6.18.*unaffected
LinuxLinux7.0.7 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References