Expired Pointer Dereference Affecting corewcf.unixdomainsocket package, versions [1.5.0-preview1,1.8.1)[1.9.0,1.9.1)


Severity: medium (CVSS assessment by Snyk's Security Team)

  • Snyk ID: SNYK-DOTNET-COREWCFUNIXDOMAINSOCKET-17398210
  • Published: 22 Jun 2026
  • Disclosed: 19 Jun 2026
  • Credit: Unknown

Introduced: 19 Jun 2026

CVE-2026-54778
CWE-362
CWE-825

How to fix?

Upgrade CoreWCF.UnixDomainSocket to version 1.8.1, 1.9.1 or higher.

Overview

CoreWCF.UnixDomainSocket is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. The goal of this project is to enable existing WCF services to move to .NET Core.

Affected versions of this package are vulnerable to Expired Pointer Dereference in NativeSysCall.GetUserInfo and NativeSysCall.GetGroupInfo in UnixDomainSocketInterop. An attacker can cause incorrect POSIX identity resolution by triggering concurrent UID/GID lookups, allowing the managed code to read overwritten data from libc’s shared static buffers. This breaks user and group authentication metadata for Unix domain socket credentials, allowing the application to attribute a connection to the wrong user or group and make authorization decisions based on the wrong identity.
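The libc-level pattern behind this class of bug, as an added illustration that is not CoreWCF's code: getpwuid() hands back a pointer into libc's shared static storage, which the next lookup overwrites, while the reentrant getpwuid_r() writes into caller-owned memory. The reentrant variant is shown here as the standard remedy for static-buffer lookups, not as a description of the project's actual patch; uid 0 resolving to "root" is assumed.

```c
#define _GNU_SOURCE
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Non-reentrant lookup: the returned pointer refers to libc's shared static
 * storage. Any later getpwuid()/getpwnam() call, from this thread or another,
 * overwrites it, leaving the caller with an expired pointer (CWE-825). */
static const char *unsafe_user_name(uid_t uid)
{
    struct passwd *pw = getpwuid(uid);
    return pw ? pw->pw_name : NULL;
}

/* Reentrant lookup: getpwuid_r() fills caller-owned memory, so the identity
 * data survives whatever lookups happen afterwards. Returns 0 on success. */
int safe_user_name(uid_t uid, char *out, size_t outlen)
{
    struct passwd pw, *result = NULL;
    char buf[16384];              /* large enough for any realistic passwd entry */
    if (getpwuid_r(uid, &pw, buf, sizeof buf, &result) != 0 || result == NULL)
        return -1;                /* no such user, or lookup error */
    if (strlen(pw.pw_name) >= outlen)
        return -1;
    strcpy(out, pw.pw_name);
    return 0;
}

/* Shows the shared storage: both calls hand back the same static struct. */
int shares_static_storage(uid_t a, uid_t b)
{
    struct passwd *pa = getpwuid(a);
    struct passwd *pb = getpwuid(b);
    return pa != NULL && pa == pb;
}

/* Sequential stand-in for the concurrent race: take a name for `a`, then look
 * up `b` through the same static buffer. Returns 1 if a's name was clobbered,
 * 0 if it happened to survive, -1 if either uid does not exist. */
int stale_name_after_second_lookup(uid_t a, uid_t b)
{
    const char *name_a = unsafe_user_name(a);
    if (name_a == NULL) return -1;
    char snapshot[256];
    snprintf(snapshot, sizeof snapshot, "%s", name_a);
    if (unsafe_user_name(b) == NULL) return -1;
    return strcmp(snapshot, name_a) != 0;   /* name_a now reads b's record */
}
```

Calling stale_name_after_second_lookup() with two different existing uids shows the first name silently changing; in a multi-threaded interop layer the same overwrite happens without any ordering the caller can see.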

Notes

  • The issue is limited to deployments that rely on Unix domain socket peer-credential lookups for local authorization.

Workarounds

  • Restrict filesystem permissions on the Unix domain socket path so only trusted local users can connect to it; this constrains the attacker pool that can trigger the identity-resolution race.
