5.5

CVE-2026-31632

rxrpc: Fix leak of rxgk context in rxgk_verify_response()

In the Linux kernel, the following vulnerability has been resolved:

rxrpc: Fix leak of rxgk context in rxgk_verify_response()

Fix rxgk_verify_response() to clean up the rxgk context it creates.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.16.1 < 6.18.23
LinuxLinux Kernel Version >= 6.19 < 6.19.13
LinuxLinux Kernel Version6.16 Update-
LinuxLinux Kernel Version7.0 Updaterc1
LinuxLinux Kernel Version7.0 Updaterc2
LinuxLinux Kernel Version7.0 Updaterc3
LinuxLinux Kernel Version7.0 Updaterc4
LinuxLinux Kernel Version7.0 Updaterc5
LinuxLinux Kernel Version7.0 Updaterc6
LinuxLinux Kernel Version7.0 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.022
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/4b5e8365515f4409de7d3b92a439154ee4f90f6d
Patch
https://git.kernel.org/stable/c/1bd3d01378c1f9ecd313d394b51c808c1f418615
Patch
https://git.kernel.org/stable/c/7e1876caa8363056f58a21d3b31b82c2daf7e608
Patch