CVE-2026-45988

Summary

In the Linux kernel, the following vulnerability has been resolved:

rxrpc: Fix re-decryption of RESPONSE packets

If a RESPONSE packet gets a temporary failure during processing, it may end up in a partially decrypted state - and then get requeued for a retry.

Fix this by just discarding the packet; we will send another CHALLENGE packet and thereby elicit a further response. Similarly, discard an incoming CHALLENGE packet if we get an error whilst generating a RESPONSE; the server will send another CHALLENGE.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux17926a79320afa9b95df6b977b40cca6d8713cea < d61482be4aae1835b78875761206241835a7510eaffected
LinuxLinux17926a79320afa9b95df6b977b40cca6d8713cea < 7b89868305052b94a91b708c462bc2281fa42a4aaffected
LinuxLinux17926a79320afa9b95df6b977b40cca6d8713cea < 76cb9a2d252274adfae6e293a292434631a7d472affected
LinuxLinux17926a79320afa9b95df6b977b40cca6d8713cea < f55b383070170e988e4dec28be2af1714d258521affected
LinuxLinux17926a79320afa9b95df6b977b40cca6d8713cea < 0422e7a4883f25101903f3e8105c0808aa5f4ce9affected
LinuxLinux2.6.22affected
LinuxLinux0 < 2.6.22unaffected
LinuxLinux6.6.140 <= 6.6.*unaffected
LinuxLinux6.12.86 <= 6.12.*unaffected
LinuxLinux6.18.27 <= 6.18.*unaffected
LinuxLinux7.0.4 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

References