CVE-2026-31642

MEDIUM EPSS 2.4%
Published Apr 24, 20262mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Apr 24, 2026 2mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet->calls list to use list_del_rcu() rather than list_del_init() to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an infinite loop. This, however, means that list_empty() no longer works on an entry that's been deleted from the list, making it harder to detect prior deletion. Fix this by: Firstly, make rxrpc_destroy_all_calls() only dump the first ten calls that are unexpectedly still on the list. Limiting the number of steps means there's no need to call cond_resched() or to remove calls from the list here, thereby eliminating the need for rxrpc_put_call() to check for that. rxrpc_put_call() can then be fixed to unconditionally delete the call from the list as it is the only place that the deletion occurs.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-835

Affected Products 12

VendorProductVersionRange
linuxlinux_kernel*≥4.13.1  –  <6.6.135
linuxlinux_kernel*≥6.7  –  <6.12.82
linuxlinux_kernel*≥6.13  –  <6.18.23
linuxlinux_kernel*≥6.19  –  <6.19.13
linuxlinux_kernel4.13any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any
linuxlinux_kernel7.0any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/146d4ab94cf129ee06cd467cb5c71368a6b5bad6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/280efb85e9759881a9d31d0874baa04583cb6c09
  • git.kernel.org https://git.kernel.org/stable/c/3be718f659683ad89fad6f1eb66bee99727cae64
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3e47a38e584b905359fe0ce5be5165d1e8592a90
  • git.kernel.org https://git.kernel.org/stable/c/93fc15be44a35b8e3c58d0238ac0d9b7c53465ff
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ac5f54691be06a32246179d41be2d73598036deb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b15b1ce96777b88989a6a4de8d01efbcd81ad2d7
  • git.kernel.org https://git.kernel.org/stable/c/c63abf25203b50243fe228090526f9dbf37727bd
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/146d4ab94cf129ee06cd467cb5c71368a6b5bad6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3be718f659683ad89fad6f1eb66bee99727cae64
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/93fc15be44a35b8e3c58d0238ac0d9b7c53465ff
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ac5f54691be06a32246179d41be2d73598036deb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c63abf25203b50243fe228090526f9dbf37727bd
    Patch