CVE-2026-31676
rxrpc: only handle RESPONSE during service challenge
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.5EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
25 abr 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: only handle RESPONSE during service challenge
Only process RESPONSE packets while the service connection is still in
RXRPC_CONN_SERVICE_CHALLENGING. Check that state under state_lock before
running response verification and security initialization, then use a local
secured flag to decide whether to queue the secured-connection work after
the state transition. This keeps duplicate or late RESPONSE packets from
re-running the setup path and removes the unlocked post-transition state
test.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
Linux · LinuxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://git.kernel.org/stable/c/03fd2ef73cb4ffd0af100a95b634af54f474414ehttps://git.kernel.org/stable/c/0afdfd4941c1b60a1f5c361760daa970edca60cdhttps://git.kernel.org/stable/c/29b44d904dceb832be880def08b8cb17a0aba91chttps://git.kernel.org/stable/c/6c3a0fbdafef8316e34ae22333e317a341e737cdhttps://git.kernel.org/stable/c/a1a8efde03a40b6c658d580e96644d9b9a2a0d3ahttps://git.kernel.org/stable/c/a6bcf8010af093fe04f7100562e9542ab7882585https://git.kernel.org/stable/c/c43ffdcfdbb5567b1f143556df8a04b4eeea041chttps://git.kernel.org/stable/c/d0035e634dae83237ab7f5681eb52b2f65d0ceb8