CVE-2026-46085 PUBLISHED

rxrpc: Fix rxkad crypto unalignment handling

Assigner: Linux
Reserved: 13.05.2026 Published: 27.05.2026 Updated: 27.05.2026

In the Linux kernel, the following vulnerability has been resolved:

rxrpc: Fix rxkad crypto unalignment handling

Fix handling of a packet with a misaligned crypto length. Also handle non-ENOMEM errors from decryption by aborting. Further, remove the WARN_ON_ONCE() so that it can't be remotely triggered (a trace line can still be emitted).

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from 9853917f9edf08efb0b55c26d9eb8340f126d9e9 to f1c6bd0cc786a8fa74829ce3c4b3673944a308f4 (excl.)
  • affected from e9c369d58785044427450350ad32d6a2497fb379 to 440d20d95e844b657a93a0b2dcc2aae155efdce6 (excl.)
  • affected from bf4d6e4a6856eedeb7f66eb91224115bfff4e2cb to f0d3efd03b2a9e0f1ffa6df8fcb264af3d494286 (excl.)
  • affected from f93af41b9f5f798823d0d0fb8765c2a936d76270 to af9271eb666d07b6f65612dc160a47f7cb5220ed (excl.)
  • affected from f93af41b9f5f798823d0d0fb8765c2a936d76270 to def304aae2edf321d2671fd6ca766a93c21f877e (excl.)
  • Version 5cdf57eda01a1ffaeb61ac39ec4dcc94a690431e is affected
  • affected from 6.6.135 to 6.6.140 (excl.)
  • affected from 6.12.82 to 6.12.86 (excl.)
  • affected from 6.18.23 to 6.18.27 (excl.)
  • affected from 6.19.13 to 6.20 (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 7.0 is affected
  • unaffected from 0 to 7.0 (excl.)
  • unaffected from 6.6.140 to 6.6.* (incl.)
  • unaffected from 6.12.86 to 6.12.* (incl.)
  • unaffected from 6.18.27 to 6.18.* (incl.)
  • unaffected from 7.0.4 to 7.0.* (incl.)
  • unaffected from 7.1-rc1 to * (incl.)

References