Exploit for Improper Handling of Length Parameter Inconsistency in Linux Linux_Kernel

CVE-2026-31635...

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability

Proof-of-concept PoC exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation LPE. Dubbed DirtyDecrypt aka DirtyCBC, the vulnerability was discovered and reported by the Zellic and V12 security team on May 9, 2026,...

CVE-2026-31635

creationtimestamp| type| source ---|---|--- 2026-04-28 07:00:07+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkjz5zurue2n 2026-05-17 13:37:26+00:00| seen| https://bsky.app/profile/wdormann.infosec.exchange.ap.brid.gy/post/3mm2i7sitqdt2 2026-05-18 02:30:46+00:00| seen|...

UBUNTU-CVE-2026-31635

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix oversized RESPONSE authenticator length check rxgkverifyresponse decodes authlen from the packet and is supposed to verify that it fits in the remaining bytes. The existing check is inverted, so oversized RESPONSE...