CVE-2026-46085 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxkad crypto unalignment handling Fix handling of a packet with a misaligned crypto length. Also handle non-ENOMEM errors from decryption by aborting. Further, remove the WARN_ON_ONCE() so that it can't be remotely triggered (a trace line can still be emitted).

PUBLISHED Reserved 2026-05-13 | Published 2026-05-27 | Updated 2026-05-30 | Assigner Linux

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Product status

Default status

unaffected

9853917f9edf08efb0b55c26d9eb8340f126d9e9 (git) before f1c6bd0cc786a8fa74829ce3c4b3673944a308f4

affected

e9c369d58785044427450350ad32d6a2497fb379 (git) before 440d20d95e844b657a93a0b2dcc2aae155efdce6

affected

bf4d6e4a6856eedeb7f66eb91224115bfff4e2cb (git) before f0d3efd03b2a9e0f1ffa6df8fcb264af3d494286

affected

f93af41b9f5f798823d0d0fb8765c2a936d76270 (git) before af9271eb666d07b6f65612dc160a47f7cb5220ed

affected

f93af41b9f5f798823d0d0fb8765c2a936d76270 (git) before def304aae2edf321d2671fd6ca766a93c21f877e

affected

5cdf57eda01a1ffaeb61ac39ec4dcc94a690431e (git)

affected

6.6.135 (semver) before 6.6.140

affected

6.12.82 (semver) before 6.12.86

affected

6.18.23 (semver) before 6.18.27

affected

6.19.13 (semver) before 6.20

affected

Default status

affected

7.0

affected

Any version before 7.0

unaffected

6.6.140 (semver)

unaffected

6.12.86 (semver)

unaffected

6.18.27 (semver)

unaffected

7.0.4 (semver)

unaffected

7.1-rc1 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/f1c6bd0cc786a8fa74829ce3c4b3673944a308f4

git.kernel.org/...c/440d20d95e844b657a93a0b2dcc2aae155efdce6

git.kernel.org/...c/f0d3efd03b2a9e0f1ffa6df8fcb264af3d494286

git.kernel.org/...c/af9271eb666d07b6f65612dc160a47f7cb5220ed

git.kernel.org/...c/def304aae2edf321d2671fd6ca766a93c21f877e

cve.org (CVE-2026-46085)

nvd.nist.gov (CVE-2026-46085)

Download JSON