Skip to main content

Linux CVE-2026-53361

| EUVDEUVD-2026-41668
2026-07-04 416baaa9-dc9f-4396-8d5f-8c081fb06d67 GHSA-h72j-p4f7-vrcj

Lifecycle Timeline

2
Patch available
Jul 04, 2026 - 13:01 EUVD
CVE Published
Jul 04, 2026 - 12:17 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

In the Linux kernel, the following vulnerability has been resolved:

af_unix: Set gc_in_progress to true in unix_gc().

Igor Ushakov reported that unix_gc() could run with gc_in_progress being false if the work is scheduled while running:

Thread 1 Thread 2 Thread 3 -------- -------- -------- unix_schedule_gc() unix_schedule_gc() - if (!gc_in_progress) - if (!gc_in_progress)

|- gc_in_progress = true | `- queue_work() | unix_gc() <----------------/ |

| |- gc_in_progress = true ... `- queue_work()

| | `- gc_in_progress = false |

| unix_gc() <---------------------------------------------'

| ... /* gc_in_progress == false */

| `- gc_in_progress = false

unix_peek_fpl() relies on gc_in_progress not to confuse GC by MSG_PEEK.

Let's set gc_in_progress to true in unix_gc().

Analysis

In the Linux kernel, the following vulnerability has been resolved: af_unix: Set gc_in_progress to true in unix_gc(). Igor Ushakov reported that unix_gc() could run with gc_in_progress being false if the work is scheduled while running: Thread 1 Thread 2 Thread 3 -------- -------- -------- unix_schedule_gc() unix_schedule_gc() - if (!gc_in_progress) - if (!gc_in_progress) |- gc_in_progress = true | - queue_work() | unix_gc() <----------------/ | | |- gc_in_progress = true ... …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-53361 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy