kernel: Linux kernel: Denial of Service via unsafe requeue in rxrpc_recvmsg

A flaw was found in the Linux kernel. A local unprivileged process can exploit an unsafe requeue path in the rxrpcrecvmsg function by using AFRXRPC sockets with MSGDONTWAIT and MSGPEEK flags. This improper handling of the receive message queue can lead to memory corruption, such as Use-After-Free...

EUVD-2026-5478

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...