CVE-2026-45988 - Vulnerability Details

- rxrpc: Fix re-decryption of RESPONSE packets

Description

In the Linux kernel, the following vulnerability has been resolved:

rxrpc: Fix re-decryption of RESPONSE packets

If a RESPONSE packet gets a temporary failure during processing, it may end
up in a partially decrypted state - and then get requeued for a retry.

Fix this by just discarding the packet; we will send another CHALLENGE
packet and thereby elicit a further response. Similarly, discard an
incoming CHALLENGE packet if we get an error whilst generating a RESPONSE;
the server will send another CHALLENGE.

Published: 2026-05-27

Score: 9.8 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`17926a79320afa9b95df6b977b40cca6d8713cea`	affected	< d61482be4aae1835b78875761206241835a7510e
`17926a79320afa9b95df6b977b40cca6d8713cea`	affected	< 7b89868305052b94a91b708c462bc2281fa42a4a
`17926a79320afa9b95df6b977b40cca6d8713cea`	affected	< 76cb9a2d252274adfae6e293a292434631a7d472
`17926a79320afa9b95df6b977b40cca6d8713cea`	affected	< f55b383070170e988e4dec28be2af1714d258521
`17926a79320afa9b95df6b977b40cca6d8713cea`	affected	< 0422e7a4883f25101903f3e8105c0808aa5f4ce9

Linux

affected

Version	Status	Constraints
`2.6.22`	affected	—
`0`	unaffected	< 2.6.22
`6.6.140`	unaffected	≤ 6.6.*
`6.12.86`	unaffected	≤ 6.12.*
`6.18.27`	unaffected	≤ 6.18.*
`7.0.4`	unaffected	≤ 7.0.*
`7.1`	unaffected	≤ *

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[17926a79320afa9b95df6b977b40cca6d8713cea,d61482be4aae1835b78875761206241835a7510e)`	affected	code_commit	—
`[17926a79320afa9b95df6b977b40cca6d8713cea,7b89868305052b94a91b708c462bc2281fa42a4a)`	affected	code_commit	—
`[17926a79320afa9b95df6b977b40cca6d8713cea,76cb9a2d252274adfae6e293a292434631a7d472)`	affected	code_commit	—
`[17926a79320afa9b95df6b977b40cca6d8713cea,f55b383070170e988e4dec28be2af1714d258521)`	affected	code_commit	—
`[17926a79320afa9b95df6b977b40cca6d8713cea,0422e7a4883f25101903f3e8105c0808aa5f4ce9)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`2.6.22`	affected	semver	—
`[0,2.6.22)`	unaffected	generic	—
`[6.6.140,6.7.0)`	unaffected	semver	—
`[6.12.86,6.13.0)`	unaffected	semver	—
`[6.18.27,6.19.0)`	unaffected	semver	—
`[7.0.4,7.1.0)`	unaffected	semver	—
`[7.1-rc1,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00457.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/0422e7a4883f25101903f3e8105c0808aa5f4ce9
https://git.kernel.org/stable/c/76cb9a2d252274adfae6e293a292434631a7d472
https://git.kernel.org/stable/c/7b89868305052b94a91b708c462bc2281fa42a4a
https://git.kernel.org/stable/c/d61482be4aae1835b78875761206241835a7510e
https://git.kernel.org/stable/c/f55b383070170e988e4dec28be2af1714d258521
https://lore.kernel.org/linux-cve-announce/2026052739-CVE-2026-45988-40f9@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-45988
https://www.cve.org/CVERecord?id=CVE-2026-45988

History

Tue, 16 Jun 2026 14:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		NVD-CWE-noinfo

Sat, 30 May 2026 11:00:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`	cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

Thu, 28 May 2026 05:00:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-327

Thu, 28 May 2026 00:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-372
References		https://lore.kernel.org/linux-cve-announce/2026052739-CVE-2026-45988-40f9@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-45988 https://www.cve.org/CVERecord?id=CVE-2026-45988
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Wed, 27 May 2026 17:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-327

Wed, 27 May 2026 14:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix re-decryption of RESPONSE packets If a RESPONSE packet gets a temporary failure during processing, it may end up in a partially decrypted state - and then get requeued for a retry. Fix this by just discarding the packet; we will send another CHALLENGE packet and thereby elicit a further response. Similarly, discard an incoming CHALLENGE packet if we get an error whilst generating a RESPONSE; the server will send another CHALLENGE.
Title		rxrpc: Fix re-decryption of RESPONSE packets
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/0422e7a4883f25101903f3e8105c0808aa5f4ce9 https://git.kernel.org/stable/c/76cb9a2d252274adfae6e293a292434631a7d472 https://git.kernel.org/stable/c/7b89868305052b94a91b708c462bc2281fa42a4a https://git.kernel.org/stable/c/d61482be4aae1835b78875761206241835a7510e https://git.kernel.org/stable/c/f55b383070170e988e4dec28be2af1714d258521

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-27T12:55:39.740Z

Updated: 2026-06-14T17:46:40.196Z

Reserved: 2026-05-13T15:03:33.090Z

Link: CVE-2026-45988

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2026-05-27T14:17:16.270

Modified: 2026-06-17T10:52:51.390

Link: CVE-2026-45988

Redhat

Severity : Moderate

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-45988 - Bugzilla

OpenCVE Enrichment

Updated: 2026-06-18T02:30:15Z

Weaknesses

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object