Lifecycle Timeline
2DescriptionCVE.org
In the Linux kernel, the following vulnerability has been resolved:
af_unix: Set gc_in_progress to true in unix_gc().
Igor Ushakov reported that unix_gc() could run with gc_in_progress being false if the work is scheduled while running:
Thread 1 Thread 2 Thread 3 -------- -------- -------- unix_schedule_gc() unix_schedule_gc() - if (!gc_in_progress) - if (!gc_in_progress)
|- gc_in_progress = true | `- queue_work() | unix_gc() <----------------/ |
| |- gc_in_progress = true ... `- queue_work()
| | `- gc_in_progress = false |
| unix_gc() <---------------------------------------------'
| ... /* gc_in_progress == false */
| `- gc_in_progress = false
unix_peek_fpl() relies on gc_in_progress not to confuse GC by MSG_PEEK.
Let's set gc_in_progress to true in unix_gc().
Analysis
In the Linux kernel, the following vulnerability has been resolved: af_unix: Set gc_in_progress to true in unix_gc(). Igor Ushakov reported that unix_gc() could run with gc_in_progress being false if the work is scheduled while running: Thread 1 Thread 2 Thread 3 -------- -------- -------- unix_schedule_gc() unix_schedule_gc() - if (!gc_in_progress) - if (!gc_in_progress) |- gc_in_progress = true | - queue_work() | unix_gc() <----------------/ | | |- gc_in_progress = true ... …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Threat intelligence, references, and detailed analysis are available after sign-in.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41668
GHSA-h72j-p4f7-vrcj