CVE-2026-45988
published 2026-05-27CVE-2026-45988: In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix re-decryption of RESPONSE packets If a RESPONSE packet gets a temporary failure…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix re-decryption of RESPONSE packets
If a RESPONSE packet gets a temporary failure during processing, it may end
up in a partially decrypted state - and then get requeued for a retry.
Fix this by just discarding the packet; we will send another CHALLENGE
packet and thereby elicit a further response. Similarly, discard an
incoming CHALLENGE packet if we get an error whilst generating a RESPONSE;
the server will send another CHALLENGE.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux | — | — |
| linux | linux | >= 17926a79320afa9b95df6b977b40cca6d8713cea < d61482be4aae1835b78875761206241835a7510e | d61482be4aae1835b78875761206241835a7510e |
| linux | linux | >= 17926a79320afa9b95df6b977b40cca6d8713cea < 7b89868305052b94a91b708c462bc2281fa42a4a | 7b89868305052b94a91b708c462bc2281fa42a4a |
| linux | linux | >= 17926a79320afa9b95df6b977b40cca6d8713cea < 76cb9a2d252274adfae6e293a292434631a7d472 | 76cb9a2d252274adfae6e293a292434631a7d472 |
| linux | linux | >= 17926a79320afa9b95df6b977b40cca6d8713cea < f55b383070170e988e4dec28be2af1714d258521 | f55b383070170e988e4dec28be2af1714d258521 |
| linux | linux | >= 17926a79320afa9b95df6b977b40cca6d8713cea < 0422e7a4883f25101903f3e8105c0808aa5f4ce9 | 0422e7a4883f25101903f3e8105c0808aa5f4ce9 |
| linux | linux_kernel | — | — |