Linux Distros Unpatched Vulnerability : CVE-2026-31638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Only put the call ref if one was acquired rxrpcinputpacketonconn can process a to-client packet after the current client call on the channel has already...

rxrpc: only handle RESPONSE during service challenge

...

rxrpc: Fix key reference count leak from call->key

...

rxrpc: Fix call removal to use RCU safe deletion

...

rxrpc: reject undecryptable rxkad response tickets

...

rxrpc: Only put the call ref if one was acquired

...

SeqShield: A Behavioral Analysis Approach to Uncover Rootkits

Rootkits are among the most elusive types of malware, capable of bypassing traditional static analysis methods due to their metamorphic behavior. Signature-based detection techniques struggle against these threats, necessitating a shift toward dynamic analysis approaches. We propose SeqShield, a...

n8n-MCP: Sensitive MCP tool-call arguments logged on authenticated requests in HTTP mode

Impact When n8n-mcp runs in HTTP transport mode, authenticated MCP tools/call requests had their full arguments and JSON-RPC params written to server logs by the request dispatcher and several sibling code paths before any redaction. When a tool call carries credential material — most notably...

GHSA-WG4G-395P-MQV3 n8n-MCP: Sensitive MCP tool-call arguments logged on authenticated requests in HTTP mode

Impact When n8n-mcp runs in HTTP transport mode, authenticated MCP tools/call requests had their full arguments and JSON-RPC params written to server logs by the request dispatcher and several sibling code paths before any redaction. When a tool call carries credential material — most notably...

EUVD-2026-25643

In the Linux kernel, the following vulnerability has been resolved: rxrpc: only handle RESPONSE during service challenge Only process RESPONSE packets while the service connection is still in RXRPCCONNSERVICECHALLENGING. Check that state under statelock before running response verification and...

CVE-2026-31676

In the Linux kernel, the following vulnerability has been resolved: rxrpc: only handle RESPONSE during service challenge Only process RESPONSE packets while the service connection is still in RXRPCCONNSERVICECHALLENGING. Check that state under statelock before running response verification and...

OESA-2026-2074 llvm security update

LLVM is a compiler infrastructure designed for compile-time, link-time, runtime, and idle-time optimization of programs from arbitrary programming languages. Security Fixes: When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-poin...

SUSE CVE-2026-31636

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authenticator parser OOB read rxgkverifyauthenticator copies authlen bytes into a temporary buffer and then passes p + authlen as the parser limit to rxgkdoverifyauthenticator. Since p is a be32 , that inflate...

SUSE CVE-2026-31638

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpcinputpacketonconn can process a to-client packet after the current client call on the channel has already been torn down. In that case chan-call is NULL, rxrpctrygetcall retur...

SUSE CVE-2026-31640

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial In rxrpcpostresponse, the code should be comparing the challenge serial number from the cached response before deciding to switch to a newer response, but...

SUSE CVE-2026-31641

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpcpreparsexdryfsrxgk reads the raw key length and ticket length from the XDR token as u32 values and passes each through roundupx, 4 before using the rounded value for validation a...

SUSE CVE-2026-31653

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: dealloc repeatcallcontrol if damoncall fails damoncall for repeatcallcontrol of DAMONSYSFS could fail if somehow the kdamond is stopped before the damoncall. It could happen, for example, when te damon context was...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper state checking in the rxrpc service challenge phase. This vulnerability may lead to...

PT-2026-35136

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RxRPC component where RESPONSE packets were not strictly limited to the service challenge phase. This allowed duplicate or late RESPONSE packets to re-run the setu...

CVE-2026-31638

A flaw was found in the Linux kernel's rxrpc subsystem. This vulnerability occurs when the system processes a packet intended for a client after the client's call on the channel has already been terminated. An attacker could exploit this protocol error path, which improperly handles call...