Vulnerability DatabaseCVE-2026-45536
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2026-45536
Published:June 09, 2026
Updated:June 09, 2026
netty_unix_socket_recvFd sets msg_control to "char control[CMSG_SPACE(sizeof(int))]" (line 940) — 24 bytes on 64-bit Linux. A peer-sent SCM_RIGHTS cmsg carrying two ints has cmsg_len = CMSG_LEN(8) = 24, which fits exactly with no MSG_CTRUNC, so the kernel installs both fds in the receiving process. The subsequent check "cmsg->cmsg_len == CMSG_LEN(sizeof(int))" (line 972, expected 20) fails, the branch that would read the fd is skipped, and neither installed fd is closed. The for(;;) loop calls recvmsg again (non-blocking → EAGAIN → Java maps to 0 → read loop exits normally), leaving two leaked fds per message. There is no MSG_CTRUNC handling. Reachable via Epoll/KQueue DomainSocketChannel when the application opts into DomainSocketReadMode.FILE_DESCRIPTORS (non-default).
Affected Packages
https://github.com/netty/netty.git (GITHUB):
Affected version(s) >=netty-4.2.0.Final <netty-4.2.15.Final
Fix Suggestion:
Update to version netty-4.2.15.Final
https://github.com/netty/netty.git (GITHUB):
Affected version(s) >=netty-4.0.0.Alpha1 <netty-4.1.135.Final
Fix Suggestion:
Update to version netty-4.1.135.Final
io.netty:netty-transport-native-epoll (JAVA):
Affected version(s) >=4.0.16.Final <4.1.135.Final
Fix Suggestion:
Update to version 4.1.135.Final
io.netty:netty-transport-native-kqueue (JAVA):
Affected version(s) >=4.1.11.Final <4.1.135.Final
Fix Suggestion:
Update to version 4.1.135.Final
io.netty:netty-transport-native-epoll (JAVA):
Affected version(s) >=4.2.0.Final <4.2.15.Final
Fix Suggestion:
Update to version 4.2.15.Final
io.netty:netty-transport-native-kqueue (JAVA):
Affected version(s) >=4.2.0.Final <4.2.15.Final
Fix Suggestion:
Update to version 4.2.15.Final
Related Resources (4)
https://github.com/netty/netty/releases/tag/netty-4.2.15.Final
https://github.com/netty/netty
https://github.com/netty/netty/security/advisories/GHSA-w573-9ffj-6ff9
https://github.com/netty/netty/releases/tag/netty-4.1.135.Final
Do you need more information?
Contact Us
CVSS v4
Base Score:
5.1
Attack Vector
LOCAL
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
NONE
Vulnerable System Confidentiality
NONE
Vulnerable System Integrity
NONE
Vulnerable System Availability
LOW
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW
Weakness Type (CWE)
Exposure of Sensitive Information to an Unauthorized Actor
CWE-200
Missing Release of Resource after Effective Lifetime
CWE-772