VDB

CVE-2026-31637

CVE-2026-31637 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rxkad response tickets rxkad_decrypt_ticket() decrypts the RXKAD response ticket and then parses the buffer as plaintext without checking whether crypto_skcipher_decrypt() succeeded. A malformed RESPONSE can therefore use a non-block-aligned ticket length, make the decrypt operation fail, and still drive the ticket parser with attacker-controlled bytes. Check the decrypt result and abort the connection with RXKADBADTICKET when ticket decryption fails.

EPSS 0.10% · 26.7th percentile

Risk Scores

EPSS Score
0.10%
26.7th percentile

Affected Products

VendorProductVersions
linuxlinux_kernel2.6.22, 2.6.22, 2.6.22
LinuxLinux17926a79320afa9b95df6b977b40cca6d8713cea, 17926a79320afa9b95df6b977b40cca6d8713cea, 17926a79320afa9b95df6b977b40cca6d8713cea

Timeline

  • Apr 24, 2026 CVE Published
  • Apr 24, 2026 Security Advisory
  • Apr 27, 2026 Security Advisory
  • May 18, 2026 EPSS Score
  • May 19, 2026 EPSS Score
  • May 20, 2026 EPSS Score
  • May 21, 2026 EPSS Score
  • May 22, 2026 EPSS Score
  • May 23, 2026 EPSS Score
  • May 24, 2026 EPSS Score
  • May 25, 2026 EPSS Score
  • May 26, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›