CVE Catalog

CVE-2026-45988

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.46%

36th percentile — higher than 36% of all known CVEs

Summary

A vulnerability related to the re-decryption of RESPONSE packets has been fixed in the Linux kernel. If a RESPONSE packet encounters a temporary failure during processing, it may end up in a partially decrypted state and be requeued for retry.

Risk Assessment

This vulnerability may lead to improper packet processing, potentially affecting the stability and security of communication within the system. In the event of an attack, it could allow unauthorized access to data.

Recommendation

It is recommended to update the Linux kernel to the latest version to eliminate this vulnerability. Additionally, monitor system logs for potential attempts to exploit this flaw.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix re-decryption of RESPONSE packets If a RESPONSE packet gets a temporary failure during processing, it may end up in a partially decrypted state - and then get requeued for a retry. Fix this by just discarding the packet; we will send another CHALLENGE packet and thereby elicit a further response. Similarly, discard an incoming CHALLENGE packet if we get an error whilst generating a RESPONSE; the server will send another CHALLENGE.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS