UBUNTU-CVE-2026-46010

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix error handling in rxgkextracttoken Fix a missing bit of error handling in rxgkextracttoken: in the event that rxgkdecryptskb returns -ENOMEM, it should just return that rather than continuing on for anything else, it...

CVE-2026-31637

In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rxkad response tickets rxkaddecryptticket decrypts the RXKAD response ticket and then parses the buffer as plaintext without checking whether cryptoskcipherdecrypt succeeded. A malformed RESPONSE can...

CVE-2026-31637 rxrpc: reject undecryptable rxkad response tickets

In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rxkad response tickets rxkaddecryptticket decrypts the RXKAD response ticket and then parses the buffer as plaintext without checking whether cryptoskcipherdecrypt succeeded. A malformed RESPONSE can...

CVE-2026-31637

The CVE-2026-31637 vulnerability lies in the Linux kernel rxrpc subsystem. Specifically, rxkad_decrypt_ticket() decrypts the RXKAD response ticket and then parses the buffer as plaintext without confirming that crypto_skcipher_decrypt() succeeded. A malformed RXKAD response could use a non-block-...

CVE-2026-31637

In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rxkad response tickets rxkaddecryptticket decrypts the RXKAD response ticket and then parses the buffer as plaintext without checking whether cryptoskcipherdecrypt succeeded. A malformed RESPONSE can...

Rack::Session::Cookie secrets: decrypt failure fallback enables secretless session forgery and Marshal deserialization

'Rack::Session::Cookie incorrectly handles decryption failures when configured with secrets:. If cookie decryption fails, the implementation falls back to a default decoder instead of rejecting the cookie. This allows an unauthenticated attacker to supply a crafted session cookie that is accepted...

PT-2026-30806

Name of the Vulnerable Software and Affected Versions Rack::Session versions 2.0.0 through 2.1.1 Description Rack::Session is a session management implementation for Rack. Versions 2.0.0 through 2.1.1 incorrectly handle decryption failures when configured with secrets. If cookie decryption fails,...

CVE-2026-22699

RustCrypto: Elliptic Curves (RustCrypto SM2 PKE) suffers a denial-of-service vulnerability in the decryption path when an invalid EC point is decoded. Affected versions are 0.14.0-pre.0 and 0.14.0-rc.0; AffinePoint::from_encoded_point(&encoded_c1) may yield None, but the code unwraps it, causing ...

GHSA-78P6-6878-8MJ6 SM2-PKE has Unchecked AffinePoint Decoding (unwrap) in decrypt()

Summary A denial-of-service vulnerability exists in the SM2 PKE decryption path where an invalid elliptic-curve point C1 is decoded and the resulting value is unwrapped without checking. Specifically, AffinePoint::fromencodedpoint&encodedc1 may return a None/CtOption::None when the supplied...

Path is DEAD between Branch SDWAN devices

Virtual Path is showing DEAD between the Branch SDWAN devices after adding a device as Secondary MCN and pushed the configuration. You will see the following highlighted message getting incremented in SDWANDiagnostic logs : Command: dropcounts Index Count File Name Function Name Line Reason text...