CVE-2026-52928
Analyzed Analyzed - Analysis Complete

AF_UNIX SIOCATMARK Rejection on Non-Stream Sockets

Vulnerability report for CVE-2026-52928, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-24

Last updated on: 2026-07-08

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: af_unix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSG_OOB. In AF_UNIX, MSG_OOB is supported only for SOCK_STREAM sockets. SOCK_DGRAM and SOCK_SEQPACKET reject MSG_OOB in sendmsg() and recvmsg(), so they should not support SIOCATMARK either. Return -EOPNOTSUPP for non-stream sockets before checking the receive queue.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-24
Last Modified
2026-07-08
Generated
2026-07-15
AI Q&A
2026-06-24
EPSS Evaluated
2026-07-14
NVD
EUVD

Affected Vendors & Products

Showing 8 associated CPEs
Vendor Product Version / Range
linux linux_kernel 7.1
linux linux_kernel 7.1
linux linux_kernel From 6.13 (inc) to 6.18.30 (exc)
linux linux_kernel From 6.19 (inc) to 7.0.7 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.88 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.177 (exc)
linux linux_kernel From 6.2 (inc) to 6.6.144 (exc)
linux linux_kernel From 5.15 (inc) to 5.15.211 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's AF_UNIX socket implementation. Specifically, the issue involves the handling of the SIOCATMARK ioctl command, which is used to determine if the receive queue is at the urgent mark for out-of-band data (MSG_OOB).

In AF_UNIX sockets, MSG_OOB is only supported for SOCK_STREAM sockets. However, SOCK_DGRAM and SOCK_SEQPACKET sockets reject MSG_OOB in sendmsg() and recvmsg(), so they should also reject SIOCATMARK. The vulnerability was that SIOCATMARK was not properly rejected on non-stream sockets, potentially allowing incorrect behavior.

The fix was to return an error code (-EOPNOTSUPP) for non-stream sockets before checking the receive queue, ensuring that SIOCATMARK is only supported on appropriate socket types.

Impact Analysis

This vulnerability could lead to improper handling of socket operations on non-stream AF_UNIX sockets. Since SIOCATMARK is not supposed to be supported on these socket types, allowing it could cause unexpected behavior or errors in applications relying on socket communication.

While the exact impact depends on how software uses these socket types, it could potentially result in application crashes, incorrect data processing, or security issues related to socket communication.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-52928. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart