HIGHCVE-2026-31631Published Modified CNA Linux
CVE-2026-31631: rxrpc: Fix buffer overread in rxgk_do_verify_authenticator()
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix buffer overread in rxgk_do_verify_authenticator() Fix rxgk_do_verify_authenticator() to check the buffer size before checking the nonce.
Metrics
- CVSS v3.1
- 8.2
- Severity
- HIGH
- Fixed in
- 0
- Affected Products
- 2
Fix available
01c4422d8be81718ecb15d79aedff6073230852016.18.236.19.137.0794586789800b16dcbe235452494f4223ac80413f564af387c8c28238f8ebc13314c589d7ba8475d
Affected packages
- Linux / Linux< 794586789800b16dcbe235452494f4223ac80413 (from 9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a) · < 1c4422d8be81718ecb15d79aedff607323085201 (from 9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a) · < f564af387c8c28238f8ebc13314c589d7ba8475d (from 9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a)
- Linux / Linux6.16Fixed in 0, 6.18.23, 6.19.13, 7.0
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H