Kernel Vulnerability in Linux Affecting RxRPC Client Call Management
CVE-2026-31638
What is CVE-2026-31638?
A vulnerability in the Linux kernel's RxRPC protocol implementation can result in unexpected kernel crashes. The function rxrpc_input_packet_on_conn() does not properly manage references to client calls after the connection has been torn down. When the channel's call reference is NULL, the kernel fails to handle the error correctly and crashes instead of rejecting the packet. The underlying flaw is in reference count management: the call reference is dropped unconditionally, even when it was never acquired, which can cause stability issues in the kernel during packet processing.
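The reference-handling pattern described above, as an added userspace model that is not the kernel's code or the upstream fix. All type and function names are hypothetical, and the put helper returns -1 at the point where real code would dereference NULL so that both shapes can be run side by side.

```c
#include <stddef.h>
#include <stdio.h>

/* Userspace model. All types and names are hypothetical, not the kernel's. */
struct call { int refs; };
struct channel { struct call *call; };  /* NULL once the call is gone */
enum verdict { DELIVERED, REJECTED, WOULD_CRASH };

/* Take a reference if the channel still has a call. */
static struct call *call_get(struct call *c)
{
    if (c) c->refs++;
    return c;
}

/* Drop a reference. Returns -1 where real code would dereference NULL. */
static int call_put(struct call *c)
{
    if (!c)
        return -1;
    c->refs--;
    return 0;
}

/* Flawed shape: the put runs whether or not a reference was acquired. */
static enum verdict input_flawed(struct channel *ch)
{
    struct call *call = call_get(ch->call);
    enum verdict v = call ? DELIVERED : REJECTED;
    if (call_put(call) < 0)  /* unconditional drop */
        return WOULD_CRASH;
    return v;
}

/* Hardened shape: reject first, then drop only what was acquired. */
static enum verdict input_fixed(struct channel *ch)
{
    struct call *call = call_get(ch->call);
    if (!call)
        return REJECTED;  /* nothing acquired, nothing to drop */
    call_put(call);
    return DELIVERED;
}

int main(void)
{
    struct channel torn_down = { NULL };  /* constructed sample input */
    printf("flawed=%d fixed=%d\n", input_flawed(&torn_down), input_fixed(&torn_down));
}
```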
Affected Version(s)
Linux 5e6ef4f1017c7f844e305283bbd8875af475e2fc
Linux 5e6ef4f1017c7f844e305283bbd8875af475e2fc < 0c156aff8a2d4fa0d61db7837641975cf0e5452d
Linux 5e6ef4f1017c7f844e305283bbd8875af475e2fc < 8299ca146489664e3c0c90a3b8900d8335b1ede4