4 matches found
CVE-2026-31676
In the Linux kernel, the following vulnerability has been resolved: rxrpc: only handle RESPONSE during service challenge Only process RESPONSE packets while the service connection is still in RXRPCCONNSERVICECHALLENGING. Check that state under statelock before running response verification and...
CVE-2026-31676 rxrpc: only handle RESPONSE during service challenge
In the Linux kernel, the following vulnerability has been resolved: rxrpc: only handle RESPONSE during service challenge Only process RESPONSE packets while the service connection is still in RXRPCCONNSERVICECHALLENGING. Check that state under statelock before running response verification and...
CVE-2026-31676
The CVE-2026-31676 issue concerns the Linux kernel’s rxrpc subsystem. A flaw allowed duplicate or late RESPONSE packets to be processed outside the intended RXRPC_CONN_SERVICE_CHALLENGING state. The fix enforces state-checking under a state_lock before performing response verification and securit...
PT-2026-35136
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RxRPC component where RESPONSE packets were not strictly limited to the service challenge phase. This allowed duplicate or late RESPONSE packets to re-run the setu...