The zsys_udp_new() method does not set the O_CLOEXEC flag on the socket descriptor, which leads to the descriptor leaking if the process subsequently performs an exec(). This is a particular issue for the zbeacon class as the flag cannot be set by client code either, since the UDP socket descriptors are private to the class.