USN-8390-1 linux, linux-azure, linux-azure-4.15, linux-azure-fips, linux-fips, linux-gcp-4.15, linux-gcp-fips, linux-kvm, linux-oracle vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

Ubuntu 26.04 LTS : Linux kernel vulnerabilities (USN-8370-1)

The remote Ubuntu 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8370-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. ...

CVE-2026-45988

A flaw was found in the Linux kernel's rxrpc subsystem. When an rxrpc RESPONSE packet experiences a temporary processing failure, it may enter a partially decrypted state and be re-queued for another attempt. This incorrect handling of partially decrypted packets could lead to communication...

CVE-2026-45998

A flaw was found in the Linux kernel's rxrpc subsystem. This vulnerability arises when the system attempts to unshare a packet buffer, and the operation fails due to an allocation issue. This failure can lead to a Use-After-Free UAF condition, where the system attempts to access memory that has...

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

CVE-2026-31639

A flaw was found in the rxrpc subsystem of the Linux kernel. When a client call is created, a reference to a key is obtained but not properly released when the call is destroyed. This oversight leads to a key reference count leak, which can accumulate over time. This resource exhaustion could...

CVE-2026-31676

A flaw was found in the rxrpc subsystem of the Linux kernel. This vulnerability allows for duplicate or late RESPONSE packets to be processed outside of the expected service challenging state. An attacker could potentially exploit this by sending specially crafted RESPONSE packets, leading to the...

CVE-2026-31634

A flaw was found in the Linux kernel's rxrpc subsystem. An issue with managing reference counts in the rxrpcserverkeyring function could lead to a resource leak. This vulnerability might allow a local attacker to exhaust system resources, potentially causing a denial of service DoS...

PT-2025-33567

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition exists in the rxrpc subsystem where a call can be processed by multiple threads concurrently. This occurs when a call is placed on the socket queue and multiple thread...

PT-2025-33557

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to the rxrpc subsystem. Specifically, if an AF RXRPC service socket is opened and bound with preallocated calls, the rxrpc alloc incoming call...

PT-2025-33587

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s rxrpc subsystem related to preallocation of incoming calls when using AF RXRPC for server functionality. The issue arises from a collision during...