Linux Distros Unpatched Vulnerability : CVE-2026-45998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential UAF after skbunshare failure If skbunshare fails to unshare a packet du...

Linux Distros Unpatched Vulnerability : CVE-2026-46000

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets The security operations that verify the RESPONSE packets decrypt bits of it in place - however...

UBUNTU-CVE-2026-46000

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix conn-level packet handling to unshare RESPONSE packets The security operations that verify the RESPONSE packets decrypt bits of it in place - however, the skbuff may be shared with a packet sniffer, which would lead to...

Exploit for Improper Handling of Length Parameter Inconsistency in Linux Linux_Kernel

CVE-2026-31635 · DirtyDecrypt !License: MIThttps://img.sh...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: The issue regarding the incorrect skb being used during the comparison of the queued RESP challenge serial number has been fixed. In rxrpcpostresponse, the code should compare the challenge serial number from the cached...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: rxrpc: fixed the RESPONSE authenticator parser OOB read issue. The rxgkverifyauthenticator function copies authlen bytes into a temporary buffer, and then passes p + authlen as the parser limit to rxgkdoverifyauthenticator...

Exploit for Write-what-where Condition in Linux Linux_Kernel

Dirty Frag Technical Analysis CVE-2026-43284 xfrm-ESP / C...

Active attack: Dirty Frag Linux vulnerability expands post-compromise risk

In this article 1. Why Dirty Frag matters 2. Technical overview 3. Exploitation scenarios 4. Mitigation guidance 5. Post-mitigation integrity verification 6. References A newly disclosed Linux local privilege escalation vulnerability known as “Dirty Frag” enables escalation from an unprivileged...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed an oops due to the absence of a prealloc backlog struct. If an AFRXRPC service socket is opened and bound, but the calls are pre-allocated, then rxrpcallocincomingcall will cause an oops because the rxrpcbacklog stru...

Linux Distros Unpatched Vulnerability : CVE-2026-31633

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Fix integer overflow in rxgkverifyresponse In rxgkverifyresponse, there's a potential integer overflow due to rounding up tokenlen before checking it,...

Linux Distros Unpatched Vulnerability : CVE-2026-31636

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: fix RESPONSE authenticator parser OOB read rxgkverifyauthenticator copies authlen bytes into a temporary buffer and then passes p + authlen as the parser...

Linux Distros Unpatched Vulnerability : CVE-2026-31676

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: only handle RESPONSE during service challenge Only process RESPONSE packets while the service connection is still in RXRPCCONNSERVICECHALLENGING. Check...

DEBIAN-CVE-2026-31636

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authenticator parser OOB read rxgkverifyauthenticator copies authlen bytes into a temporary buffer and then passes p + authlen as the parser limit to rxgkdoverifyauthenticator. Since p is a be32 , that inflate...

CVE-2026-31636

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authenticator parser OOB read rxgkverifyauthenticator copies authlen bytes into a temporary buffer and then passes p + authlen as the parser limit to rxgkdoverifyauthenticator. Since p is a be32 , that inflate...

CVE-2026-31635 rxrpc: fix oversized RESPONSE authenticator length check

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix oversized RESPONSE authenticator length check rxgkverifyresponse decodes authlen from the packet and is supposed to verify that it fits in the remaining bytes. The existing check is inverted, so oversized RESPONSE...

EUVD-2026-25526

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgkverifyresponse In rxgkverifyresponse, there's a potential integer overflow due to rounding up tokenlen before checking it, thereby allowing the length check to be bypassed. Fix this by checking...

CVE-2026-31631 rxrpc: Fix buffer overread in rxgk_do_verify_authenticator()

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix buffer overread in rxgkdoverifyauthenticator Fix rxgkdoverifyauthenticator to check the buffer size before checking the nonce...

Amazon Linux 2 : kernel, --advisory ALAS2-2026-3237 (ALAS-2026-3237)

The version of kernel installed on the remote host is prior to 4.14.355-281.714. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3237 advisory. In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue CVE-2026-23066...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2026-119 (ALASKERNEL-5.4-2026-119)

The version of kernel installed on the remote host is prior to 5.4.302-223.457. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.4-2026-119 advisory. In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue...

Linux Distros Unpatched Vulnerability : CVE-2026-23118

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Fix data-race warning and potential load/store tearing Fix the following: BUG: KCSAN: data-race in rxrpcpeerkeepaliveworker / rxrpcsenddatapacket which ...