RxRPC Context Leak Vulnerability in Linux Kernel
CVE-2026-31632

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 24 April 2026

What is CVE-2026-31632?

A vulnerability exists in the Linux kernel's RxRPC module where the context created during response verification could lead to unexpected memory leaks. This situation could compromise system stability and security, as it may allow unauthorized access to sensitive data or resources. The issue has been addressed by implementing proper cleanup mechanisms in the rxgk_verify_response() function, ensuring that the context is appropriately managed after use. It is essential for users and administrators to update their systems to mitigate risks associated with this vulnerability.

Affected Version(s)

Linux 9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a < 4b5e8365515f4409de7d3b92a439154ee4f90f6d

Linux 9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a < 1bd3d01378c1f9ecd313d394b51c808c1f418615

Linux 9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a < 7e1876caa8363056f58a21d3b31b82c2daf7e608

References

https://git.kernel.org/stable/c/4b5e8365515f4409de7d3b92a...

https://git.kernel.org/stable/c/1bd3d01378c1f9ecd313d394b...

https://git.kernel.org/stable/c/7e1876caa8363056f58a21d3b...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 24, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31632 Data

JSON