5.5
CVE-2026-31643
- EPSS 0.12%
- Veröffentlicht 24.04.2026 14:44:57
- Zuletzt bearbeitet 27.04.2026 20:19:26
- CVE-Watchlists
- Unerledigt
rxrpc: Fix key parsing memleak
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key parsing memleak In rxrpc_preparse_xdr_yfs_rxgk(), the memory attached to token->rxgk can be leaked in a few error paths after it's allocated. Fix this by freeing it in the "reject_token:" case.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.16.1 < 6.18.23
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.13
Linux ≫ Linux Kernel Version6.16 Update-
Linux ≫ Linux Kernel Version7.0 Updaterc1
Linux ≫ Linux Kernel Version7.0 Updaterc2
Linux ≫ Linux Kernel Version7.0 Updaterc3
Linux ≫ Linux Kernel Version7.0 Updaterc4
Linux ≫ Linux Kernel Version7.0 Updaterc5
Linux ≫ Linux Kernel Version7.0 Updaterc6
Linux ≫ Linux Kernel Version7.0 Updaterc7
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.022 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/d5f76f812d2c0ea6dd651b0586be49e85ecca085
https://git.kernel.org/stable/c/01f51318feb626deee1d0c8a190198cd7857d599
https://git.kernel.org/stable/c/b555912b9b21075e8298015f888ffe3ff60b1a97