CVE-2026-31631 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix buffer overread in rxgk_do_verify_authenticator() Fix rxgk_do_verify_authenticator() to check the buffer size before checking the nonce.

PUBLISHED Reserved 2026-03-09 | Published 2026-04-24 | Updated 2026-04-27 | Assigner Linux

HIGH: 8.2CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Product status

Default status

unaffected

9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a (git) before 794586789800b16dcbe235452494f4223ac80413

affected

9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a (git) before 1c4422d8be81718ecb15d79aedff607323085201

affected

9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a (git) before f564af387c8c28238f8ebc13314c589d7ba8475d

affected

Default status

affected

6.16

affected

Any version before 6.16

unaffected

6.18.23 (semver)

unaffected

6.19.13 (semver)

unaffected

7.0 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/794586789800b16dcbe235452494f4223ac80413

git.kernel.org/...c/1c4422d8be81718ecb15d79aedff607323085201

git.kernel.org/...c/f564af387c8c28238f8ebc13314c589d7ba8475d

cve.org (CVE-2026-31631)

nvd.nist.gov (CVE-2026-31631)

Download JSON