Packet Handling Flaw in Linux Kernel Affects Decryption Processes
CVE-2026-46085

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 May 2026

What is CVE-2026-46085?

A vulnerability in the Linux kernel was identified related to rxrpc, which affects the handling of packets with misaligned crypto length during decryption. This issue can lead to unintended consequences as it fails to correctly manage non-ENOMEM errors, potentially disrupting the expected operation of cryptographic functions. The resolution includes improved alignment handling and the removal of the WARN_ON_ONCE() check to prevent remote triggering. As a result, users are encouraged to update their systems to mitigate this vulnerability and ensure secure communications.

Affected Version(s)

Linux 9853917f9edf08efb0b55c26d9eb8340f126d9e9

Linux e9c369d58785044427450350ad32d6a2497fb379 < 440d20d95e844b657a93a0b2dcc2aae155efdce6

Linux bf4d6e4a6856eedeb7f66eb91224115bfff4e2cb

References

https://git.kernel.org/stable/c/f1c6bd0cc786a8fa74829ce3c...

https://git.kernel.org/stable/c/440d20d95e844b657a93a0b2d...

https://git.kernel.org/stable/c/f0d3efd03b2a9e0f1ffa6df8f...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 27, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-46085 Data

JSON