CVE-2026-31637

In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rxkad response tickets rxkaddecryptticket decrypts the RXKAD response ticket and then parses the buffer as plaintext without checking whether cryptoskcipherdecrypt succeeded. A malformed RESPONSE can...

CVE-2026-31637

The CVE-2026-31637 vulnerability lies in the Linux kernel rxrpc subsystem. Specifically, rxkad_decrypt_ticket() decrypts the RXKAD response ticket and then parses the buffer as plaintext without confirming that crypto_skcipher_decrypt() succeeded. A malformed RXKAD response could use a non-block-...

PT-2026-34989

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The rxkad decrypt ticket function decrypts the RXKAD response ticket but parses the buffer as plaintext without verifying if the crypto skcipher decrypt operation was successful. A...

CVE-2023-53762

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in hcidisconnectallsync Use-after-free can occur in hcidisconnectallsync if a connection is deleted by concurrent processing of a controller event. To prevent this the code now tries to iterate over th...

AZL-68141 CVE-2025-39946 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: tls: make sure to abort the stream if headers are bogus Normally we wait for the socket to buffer up the whole record before we service it. If the socket has a tiny buffer, however, we read out the data sooner, to prevent...