7.5

CVE-2026-31676

rxrpc: only handle RESPONSE during service challenge

In the Linux kernel, the following vulnerability has been resolved:

rxrpc: only handle RESPONSE during service challenge

Only process RESPONSE packets while the service connection is still in
RXRPC_CONN_SERVICE_CHALLENGING. Check that state under state_lock before
running response verification and security initialization, then use a local
secured flag to decide whether to queue the secured-connection work after
the state transition. This keeps duplicate or late RESPONSE packets from
re-running the setup path and removes the unlocked post-transition state
test.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.22 < 6.6.136
LinuxLinux Kernel Version >= 6.7 < 6.12.84
LinuxLinux Kernel Version >= 6.13 < 6.18.23
LinuxLinux Kernel Version >= 6.19 < 6.19.13
LinuxLinux Kernel Version7.0 Updaterc1
LinuxLinux Kernel Version7.0 Updaterc2
LinuxLinux Kernel Version7.0 Updaterc3
LinuxLinux Kernel Version7.0 Updaterc4
LinuxLinux Kernel Version7.0 Updaterc5
LinuxLinux Kernel Version7.0 Updaterc6
LinuxLinux Kernel Version7.0 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.39% 0.305
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/d0035e634dae83237ab7f5681eb52b2f65d0ceb8
Patch
https://git.kernel.org/stable/c/03fd2ef73cb4ffd0af100a95b634af54f474414e
Patch
https://git.kernel.org/stable/c/c43ffdcfdbb5567b1f143556df8a04b4eeea041c
Patch
https://git.kernel.org/stable/c/29b44d904dceb832be880def08b8cb17a0aba91c
Patch
https://git.kernel.org/stable/c/a6bcf8010af093fe04f7100562e9542ab7882585
Patch
https://git.kernel.org/stable/c/0afdfd4941c1b60a1f5c361760daa970edca60cd
https://git.kernel.org/stable/c/6c3a0fbdafef8316e34ae22333e317a341e737cd
https://git.kernel.org/stable/c/a1a8efde03a40b6c658d580e96644d9b9a2a0d3a