CVE-2026-31633 rxrpc: Fix integer overflow in rxgk_verify_response()

🗓️ 24 Apr 2026 14:44:48Reported by LinuxType

Fix integer overflow in rxgk_verify_response by checking unrounded token length against packet size.

Reporter	Title	Published	Views	Family All 16
ATTACKERKB	CVE-2026-31633	24 Apr 202614:44	–	attackerkb
AstraLinux	Astra Linux – Vulnerability in Linux 5.10	19 Jun 202611:10	–	astralinux
Circl	CVE-2026-31633	28 Apr 202607:00	–	circl
CNNVD	Linux kernel 安全漏洞	24 Apr 202600:00	–	cnnvd
CVE	CVE-2026-31633	24 Apr 202614:44	–	cve
Debian CVE	CVE-2026-31633	24 Apr 202614:44	–	debiancve
EUVD	EUVD-2026-25526	24 Apr 202614:44	–	euvd
NVD	CVE-2026-31633	24 Apr 202615:16	–	nvd
OSV	BELL-CVE-2026-31633	25 Apr 202606:08	–	osv
OSV	DEBIAN-CVE-2026-31633	24 Apr 202615:16	–	osv

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/rxrpc/rxgk.c"
    ],
    "versions": [
      {
        "version": "9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a",
        "lessThan": "1f864d9daaf622aeaa774404fd51e7d6a435b046",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a",
        "lessThan": "c1e242beb6b1efc3c286f617e8d940c8fbf2ed41",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a",
        "lessThan": "699e52180f4231c257821c037ed5c99d5eb0edb8",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/rxrpc/rxgk.c"
    ],
    "versions": [
      {
        "version": "6.16",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.16",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18.23",
        "lessThanOrEqual": "6.18.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.19.13",
        "lessThanOrEqual": "6.19.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.0",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/c1e242beb6b1efc3c286f617e8d940c8fbf2ed41
git	www.git.kernel.org/stable/c/699e52180f4231c257821c037ed5c99d5eb0edb8
git	www.git.kernel.org/stable/c/1f864d9daaf622aeaa774404fd51e7d6a435b046

11 May 2026 22:12Current

CVSS 3.19.8

EPSS0.00469