CVE-2026-46000
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk10th percentile - higher than 10% of all known CVEs
Summary
A vulnerability related to RESPONSE packet handling at the connection level has been fixed in the Linux kernel. Security issues could lead to decrypted packet data being exposed to packet sniffers.
Risk Assessment
Organizations may be at risk of sensitive information leakage, potentially compromising data confidentiality. The exposure of decrypted packets could allow attackers to analyze network traffic.
Recommendation
It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability. Additionally, network traffic should be monitored for potential sniffing attempts.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix conn-level packet handling to unshare RESPONSE packets The security operations that verify the RESPONSE packets decrypt bits of it in place - however, the sk_buff may be shared with a packet sniffer, which would lead to the sniffer seeing an apparently corrupt packet (actually decrypted). Fix this by handing a copy of the packet off to the specific security handler if the packet was cloned.

