PT-2026-24060 · Unknown · Blocklistd

Published: 2026-03-09 · Updated: 2026-03-09 · CVE-2026-2261

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

blocklistd (affected versions not specified)

Description

A programming error in blocklistd causes it to leak a socket descriptor for each adverse event report it receives. As the number of leaked sockets increases, blocklistd becomes unable to run its helper script due to a null pointer dereference, leading to a crash. This prevents blocklistd from blocking or unblocking addresses. Eventually, blocklistd becomes unable to receive new adverse event reports. An attacker can exploit this by triggering a large number of adverse events from multiple IP addresses to disable blocklistd before launching an attack. Even without malicious activity, normal operations can lead to the accumulation of open sockets, causing blocklistd to become ineffective and potentially slowing down the system.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
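
The weakness class named in this entry (a descriptor that is never released after each report), reduced to a minimal C illustration. This is an added example, not blocklistd's code: the `report` structure, the two handlers and the early-return cause of the leak are assumptions made for illustration. `fd_growth` is the kind of descriptor-accounting check a regression test can use to confirm that a handler releases every socket it receives.

```c
/* Added illustration of a per-report descriptor leak; NOT blocklistd source. */
#include <fcntl.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical report: carries a descriptor the daemon owns once received. */
struct report { int fd; int adverse; };

/* Count descriptors currently open in this process, scanning 0..limit-1. */
static int open_fd_count(int limit) {
    int n = 0;
    for (int fd = 0; fd < limit; fd++)
        if (fcntl(fd, F_GETFD) != -1) n++;
    return n;
}

/* Constructed stand-in for receiving one report over a local socket. */
static int next_report(struct report *r, int adverse) {
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) == -1) return -1;
    close(sv[1]);                 /* peer end is not needed in this demo */
    r->fd = sv[0];
    r->adverse = adverse;
    return 0;
}

/* Leaky form: the early return on the adverse path skips close(). */
static void handle_leaky(struct report *r) {
    if (r->adverse) return;       /* descriptor is lost here */
    close(r->fd);
}

/* Fixed form: every path releases the descriptor before returning. */
static void handle_fixed(struct report *r) {
    close(r->fd);
    r->fd = -1;
}

/* Handle n adverse reports; return the net growth in open descriptors. */
int fd_growth(int n, int fixed) {
    int before = open_fd_count(1024);
    for (int i = 0; i < n; i++) {
        struct report r;
        if (next_report(&r, 1) == -1) break;
        if (fixed) handle_fixed(&r); else handle_leaky(&r);
    }
    return open_fd_count(1024) - before;
}
int main(void) { return fd_growth(50, 1) == 0 && fd_growth(50, 0) == 50 ? 0 : 1; }
```

With the leaky handler the open-descriptor count grows by one per report, so the process eventually reaches its descriptor limit; with the fixed handler the count stays flat.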

Weakness Enumeration: Missing Release of Resource after Effective Lifetime

Related Identifiers: CVE-2026-2261

Affected Products: Blocklistd