Response Authenticator Oversize Check in Linux Kernel
CVE-2026-31635

7.5 HIGH

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 24 April 2026

Badges

Trending now | Trended | Score: 3,440 | Exploit Exists | News Worthy

What is CVE-2026-31635?

CVE-2026-31635 is a vulnerability in the Linux kernel's handling of oversized RESPONSE authenticators in the RXRPC protocol. RXRPC is a network protocol for making remote procedure calls over a potentially unreliable network. The vulnerability stems from an error in the length check for RESPONSE authenticators: oversized values are incorrectly accepted and passed on to further processing functions. The kernel can then attempt to handle data sizes that exceed its limits, which can lead to crashes or unexpected behavior and poses a significant risk to the stability and security of Linux systems.

Potential Impact of CVE-2026-31635

  1. Denial of Service (DoS): The flawed length verification could enable an attacker to send malformed packets, triggering crashes or unexpected failures in the affected systems. This could disrupt service availability, effectively leading to a denial of service.

  2. System Instability: Since the vulnerability allows for oversized data to be processed, it could result in critical errors during data handling processes, leading to system instability or crashes that might affect other applications or services running on the same system.

  3. Potential Exploitation by Malicious Actors: There is a risk that this vulnerability could be leveraged by attackers to facilitate further exploits or attacks, including potential remote code execution scenarios, depending on how the system processes these faulty packets. This would pose a significant threat to data integrity and security within affected organizations.

Affected Version(s)

Linux 9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a

News Articles

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability

Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege

22 hours ago

DirtyDecrypt Linux Kernel Vulnerability PoC Exploit Code Released - IT Security News

A working proof-of-concept (PoC) exploit for a high-severity Linux kernel local privilege escalation vulnerability dubbed DirtyDecrypt, also tracked as DirtyCBC, enables local attackers to gain full root access on affected systems. Security analyst Will Dormann technically attributes the flaw to CVE...

1 day ago

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability

DirtyDecrypt PoC targets CVE-2026-31635 in CONFIG_RXGK Linux systems, enabling local privilege escalation.

1 day ago

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability started trending

  • Exploit known to exist

  • First article discovered by Securityweek

  • Vulnerability published

  • Vulnerability Reserved