CVE-2026-31634 PUBLISHED

rxrpc: fix reference count leak in rxrpc_server_keyring()

Assigner: Linux
Reserved: 09.03.2026 Published: 24.04.2026 Updated: 24.04.2026

In the Linux kernel, the following vulnerability has been resolved:

rxrpc: fix reference count leak in rxrpc_server_keyring()

This patch fixes a reference count leak in rxrpc_server_keyring() by checking if rx->securities is already set.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from 17926a79320afa9b95df6b977b40cca6d8713cea to fc76d0bd00850b7372f0a4a319c0c60f80487632 (excl.)
  • affected from 17926a79320afa9b95df6b977b40cca6d8713cea to c6d9ea26cf8756ad6f162578e94a5f82f6fae3c2 (excl.)
  • affected from 17926a79320afa9b95df6b977b40cca6d8713cea to 9ce36d28f67c2a477a7e2f03480de3f6783fb363 (excl.)
  • affected from 17926a79320afa9b95df6b977b40cca6d8713cea to 12de9e0e0b0b7058be7dfb8a5927eb565bc25780 (excl.)
  • affected from 17926a79320afa9b95df6b977b40cca6d8713cea to 8ee931c3cd97f1c42b4fbf057f04b9dae45dfb7a (excl.)
  • affected from 17926a79320afa9b95df6b977b40cca6d8713cea to 139c750bf06649097d98b0bc41e2a678b4627e27 (excl.)
  • affected from 17926a79320afa9b95df6b977b40cca6d8713cea to f125846ee79fcae537a964ce66494e96fa54a6de (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 2.6.22 is affected
  • unaffected from 0 to 2.6.22 (excl.)
  • unaffected from 5.15.203 to 5.15.* (incl.)
  • unaffected from 6.1.169 to 6.1.* (incl.)
  • unaffected from 6.6.135 to 6.6.* (incl.)
  • unaffected from 6.12.82 to 6.12.* (incl.)
  • unaffected from 6.18.23 to 6.18.* (incl.)
  • unaffected from 6.19.13 to 6.19.* (incl.)
  • unaffected from 7.0 to * (incl.)

References