{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31632", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.125Z", "datePublished": "2026-04-24T14:44:47.969Z", "dateUpdated": "2026-05-11T22:12:34.136Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T22:12:34.136Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix leak of rxgk context in rxgk_verify_response()\n\nFix rxgk_verify_response() to clean up the rxgk context it creates."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/rxrpc/rxgk.c"], "versions": [{"version": "9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a", "lessThan": "4b5e8365515f4409de7d3b92a439154ee4f90f6d", "status": "affected", "versionType": "git"}, {"version": "9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a", "lessThan": "1bd3d01378c1f9ecd313d394b51c808c1f418615", "status": "affected", "versionType": "git"}, {"version": "9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a", "lessThan": "7e1876caa8363056f58a21d3b31b82c2daf7e608", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/rxrpc/rxgk.c"], "versions": [{"version": "6.16", "status": "affected"}, {"version": "0", "lessThan": "6.16", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.23", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.13", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "6.18.23"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "6.19.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.16", "versionEndExcluding": "7.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/4b5e8365515f4409de7d3b92a439154ee4f90f6d"}, {"url": "https://git.kernel.org/stable/c/1bd3d01378c1f9ecd313d394b51c808c1f418615"}, {"url": "https://git.kernel.org/stable/c/7e1876caa8363056f58a21d3b31b82c2daf7e608"}], "title": "rxrpc: Fix leak of rxgk context in rxgk_verify_response()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAE31F43-AAC5-4801-B2B2-119D62A532A2", "versionEndExcluding": "6.18.23", "versionStartIncluding": "6.16.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1490EF9B-9080-481C-8D22-1306AAE664E4", "versionEndExcluding": "6.19.13", "versionStartIncluding": "6.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.16:-:*:*:*:*:*:*", "matchCriteriaId": "6238B17D-C12B-458F-A138-97039BFC4595", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "F253B622-8837-4245-BCE5-A7BF8FC76A16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "F666C8D8-6538-46D4-B318-87610DE64C34", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "02259FDA-961B-47BC-AE7F-93D7EC6E90C2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "58A9FEFF-C040-420D-8F0A-BFDAAA1DF258", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*", "matchCriteriaId": "1D2315C0-D46F-4F85-9754-F9E5E11374A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*", "matchCriteriaId": "512EE3A8-A590-4501-9A94-5D4B268D6138", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix leak of rxgk context in rxgk_verify_response()\n\nFix rxgk_verify_response() to clean up the rxgk context it creates."}], "id": "CVE-2026-31632", "lastModified": "2026-04-27T20:30:38.720", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-24T15:16:42.517", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1bd3d01378c1f9ecd313d394b51c808c1f418615"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4b5e8365515f4409de7d3b92a439154ee4f90f6d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7e1876caa8363056f58a21d3b31b82c2daf7e608"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: rxrpc: Fix leak of rxgk context in rxgk_verify_response()", "id": "2461449", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461449"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-772", "details": ["A flaw was found in the Linux kernel's rxrpc component. The `rxgk_verify_response()` function fails to properly clean up the rxgk context it creates, leading to a memory leak. This vulnerability could potentially allow an attacker to cause a Denial of Service (DoS) by exhausting available memory resources."], "name": "CVE-2026-31632", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2026-04-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-31632\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-31632\nhttps://lore.kernel.org/linux-cve-announce/2026042454-CVE-2026-31632-4da1@gregkh/T"], "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a,4b5e8365515f4409de7d3b92a439154ee4f90f6d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a,1bd3d01378c1f9ecd313d394b51c808c1f418615)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a,7e1876caa8363056f58a21d3b31b82c2daf7e608)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "6.16"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.16)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.18.23,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[6.19.13,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[7.0,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-28T13:54:47.764412+00:00", "value": {"mitigation_remediation": ["Update your system to a Linux kernel release that includes the rxgk context leak fix, such as any recent 6.16 update or any 7.0 rc build that contains the patch.", "Restart the host or affected services to ensure the patched kernel is active and no stale rxgk contexts remain in memory.", "If immediate kernel upgrade is not possible, consider disabling the rxrpc protocol or unloading the related module to prevent further context leaks while monitoring system memory usage and inspecting kernel logs for rxrpc\u2011related warnings."], "summary": {"action": "Apply Patch", "impact": "Memory Leak"}, "threat_synthesis": {"affected_systems": "The flaw is present in the Linux kernel, specifically in version 6.16 and all 7.0 release\u2011candidate builds from rc1 through rc7. It affects any distribution or system running these kernel versions that has the rxrpc module enabled, which is common in standard Linux deployments.", "description_and_impact": "The vulnerability arises in the Linux kernel's rxrpc networking subsystem, where the rxgk_verify_response() function fails to free the rxgk context it creates, resulting in a memory leak. This defect leads to unnecessary consumption of kernel memory resources, potentially degrading system performance or causing a denial\u2011of\u2011service if the leak accumulates over time. The issue is identified as a memory leak and a resource exhaustion condition, reflecting CWE\u2011401 and CWE\u2011772 weaknesses.", "risk_and_exploitability": "The CVSS score of 5.5 indicates a moderate risk, and an EPSS score of less than 1\u202f% suggests that exploitation attempts are unlikely at present. The vulnerability is not listed in the CISA KEV catalog. The main attack vector, while not explicitly defined in the report, is inferred to involve sending crafted or malformed rxrpc responses to a target system, which would trigger the memory\u2011leak condition. Because the flaw only consumes kernel memory, it does not provide remote code execution or privilege escalation, but repeated exploitation could lead to resource exhaustion or a system crash."}}}}, "created": "2026-04-27T21:00:11.927900+00:00", "updated": "2026-04-28T14:00:16.504442+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}