Unix GC Remastered
Summary
A security-focused teardown of the rewritten AF_UNIX garbage collector in the Linux kernel. It details how the GC uses a Tarjan-based graph of inflight sockets and how a vulnerability (CVE-2025-40214) arose from an uninitialised scc_index, leading to a use-after-free risk in the fast path. The article also describes a patch that initialises unix_vertex_max_scc_index and prevents aliasing, plus a staged repro illustrating the potential exploitation.