CVE-2026-31676
Improper State Validation in Linux rxrpc Causes Security Risk
Publication date: 2026-04-25
Last updated on: 2026-04-27
Assigner: kernel.org
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's rxrpc component. It involves improper handling of RESPONSE packets during the service challenge phase of a connection. Specifically, a RESPONSE packet should only be processed while the connection is in the RXRPC_CONN_SERVICE_CHALLENGING state. The fix checks that state under a lock before verifying the response and initializing security, so a duplicate or late RESPONSE packet can no longer re-run the setup process, and it removes the unsafe state checks that were performed after the transition.
How can this vulnerability impact me?
If exploited, this vulnerability could allow duplicate or late RESPONSE packets to interfere with the connection setup process in the rxrpc service. This might lead to improper security initialization or unexpected behavior in the connection handling, potentially weakening the security of the communication or causing instability.