CVE-2026-31640
HIGH EPSS 34.2%
Published Apr 24, 2026 (2mo ago) · Modified Jun 17, 2026 (2w ago)
7.5 CVSS 3.1
Description
In the Linux kernel, the following vulnerability has been resolved:

rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial

In rxrpc_post_response(), the code should be comparing the challenge serial number from the cached response before deciding to switch to a newer response, but looks at the newer packet private data instead, rendering the comparison always false.

Fix this by switching to look at the older packet.

Fix further[1] to substitute the new packet in place of the old one if newer and also to release whichever we don't use.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
34.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-401
Affected Products 10
References 3
- git.kernel.org https://git.kernel.org/stable/c/20386e7f8d97475b8d815873e246423317ec4260
- git.kernel.org https://git.kernel.org/stable/c/9132b1a7bf83b4a8042fffbc99d075b727a16742
- git.kernel.org https://git.kernel.org/stable/c/b33f5741bb187db8ff32e8f5b96def77cc94dfca
Remediation
- git.kernel.org https://git.kernel.org/stable/c/20386e7f8d97475b8d815873e246423317ec4260
- git.kernel.org https://git.kernel.org/stable/c/9132b1a7bf83b4a8042fffbc99d075b727a16742
- git.kernel.org https://git.kernel.org/stable/c/b33f5741bb187db8ff32e8f5b96def77cc94dfca