PatchSiren

CVE-2026-45887 Linux CVE debrief

A memory leak vulnerability exists in the Linux kernel's AF_UNIX socket implementation. Specifically, in the `unix_stream_connect()` function, when `prepare_peercred()` fails, the newly created socket (`newsk`) is not properly released via `unix_release_sock()`, resulting in a memory leak. The fix reorders operations to call `prepare_peercred()` before `unix_create1()`, ensuring that credential preparation failures occur before socket allocation, thus preventing the leak.

Vendor: Linux
Product: Unknown
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-27
Original CVE updated: 2026-05-27
Advisory published: 2026-05-27
Advisory updated: 2026-05-27

Who should care

Linux system administrators, kernel maintainers, and security teams responsible for kernel patch management and memory-constrained environments.

Technical summary

The vulnerability is a memory leak in the Linux kernel's AF_UNIX socket subsystem. In `unix_stream_connect()`, if `prepare_peercred()` fails after `unix_create1()` has allocated a new socket (`newsk`), the error handling path does not call `unix_release_sock()` to free the allocated socket structure. The resolution moves `prepare_peercred()` to execute before `unix_create1()`, ensuring that credential-related failures occur prior to socket allocation and eliminating the leak condition.
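
The ordering problem described above, as an added user-space C model (not kernel source and not taken from the CVE record). The `_model` functions, the 8-slot pool and the return codes are assumptions standing in for the kernel's allocation and credential logic.

```c
#include <stdio.h>
/* User-space model only: names follow the advisory, bodies are stand-ins. */
#define POOL 8                      /* models a finite memory budget */
struct sock { int in_use; };
static struct sock pool[POOL];
static struct sock *unix_create1_model(void)
{
    for (int i = 0; i < POOL; i++)
        if (!pool[i].in_use) { pool[i].in_use = 1; return &pool[i]; }
    return NULL;                    /* allocation failure */
}
static void unix_release_sock_model(struct sock *sk) { sk->in_use = 0; }
static int prepare_peercred_model(int fail) { return fail ? -1 : 0; }

/* Pre-fix ordering: allocate newsk first, then prepare credentials. */
static int connect_before_fix(int cred_fail)
{
    struct sock *newsk = unix_create1_model();
    if (!newsk) return -1;
    if (prepare_peercred_model(cred_fail) < 0) return -2; /* newsk leaked */
    unix_release_sock_model(newsk); /* stands in for the eventual close */
    return 0;
}

/* Fixed ordering: credentials first, allocate only once they succeed. */
static int connect_after_fix(int cred_fail)
{
    if (prepare_peercred_model(cred_fail) < 0) return -2; /* nothing to free */
    struct sock *newsk = unix_create1_model();
    if (!newsk) return -1;
    unix_release_sock_model(newsk);
    return 0;
}

/* Reset the pool, run n failing connects, count sockets still allocated. */
static int leaked_after(int (*fn)(int), int n)
{
    int live = 0;
    for (int i = 0; i < POOL; i++) pool[i].in_use = 0;
    while (n-- > 0) fn(1);
    for (int i = 0; i < POOL; i++) live += pool[i].in_use;
    return live;
}

int main(void)
{
    printf("leaked before fix: %d, after fix: %d\n",
           leaked_after(connect_before_fix, 5), leaked_after(connect_after_fix, 5));
    return 0;
}
```

In the model, once the pre-fix path has leaked every slot, a connect with valid credentials fails at allocation, which is the memory-pressure effect the recommended actions ask you to assess.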

Defensive priority

medium

Recommended defensive actions

  • Review Linux kernel versions in use and apply stable kernel updates containing the referenced commits
  • Monitor vendor security advisories for distribution-specific kernel packages
  • Assess systems utilizing AF_UNIX stream sockets for potential memory pressure impacts
  • Verify kernel update deployment through standard patch management workflows

Evidence notes

The vulnerability description and resolution are sourced from the official CVE record published 2026-05-27. The fix involves reordering function calls in `unix_stream_connect()` to prevent memory leak on `prepare_peercred()` failure. Three kernel.org stable tree commits are referenced as source material.

Official resources

2026-05-27