{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-45988","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-05-13T15:03:33.090Z","datePublished":"2026-05-27T12:55:39.740Z","dateUpdated":"2026-06-14T17:46:40.196Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-06-14T17:46:40.196Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix re-decryption of RESPONSE packets\n\nIf a RESPONSE packet gets a temporary failure during processing, it may end\nup in a partially decrypted state - and then get requeued for a retry.\n\nFix this by just discarding the packet; we will send another CHALLENGE\npacket and thereby elicit a further response.  Similarly, discard an\nincoming CHALLENGE packet if we get an error whilst generating a RESPONSE;\nthe server will send another CHALLENGE."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["include/trace/events/rxrpc.h","net/rxrpc/conn_event.c"],"versions":[{"version":"17926a79320afa9b95df6b977b40cca6d8713cea","lessThan":"d61482be4aae1835b78875761206241835a7510e","status":"affected","versionType":"git"},{"version":"17926a79320afa9b95df6b977b40cca6d8713cea","lessThan":"7b89868305052b94a91b708c462bc2281fa42a4a","status":"affected","versionType":"git"},{"version":"17926a79320afa9b95df6b977b40cca6d8713cea","lessThan":"76cb9a2d252274adfae6e293a292434631a7d472","status":"affected","versionType":"git"},{"version":"17926a79320afa9b95df6b977b40cca6d8713cea","lessThan":"f55b383070170e988e4dec28be2af1714d258521","status":"affected","versionType":"git"},{"version":"17926a79320afa9b95df6b977b40cca6d8713cea","lessThan":"0422e7a4883f25101903f3e8105c0808aa5f4ce9","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["include/trace/events/rxrpc.h","net/rxrpc/conn_event.c"],"versions":[{"version":"2.6.22","status":"affected"},{"version":"0","lessThan":"2.6.22","status":"unaffected","versionType":"semver"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.86","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","status":"unaffected","versionType":"semver"},{"version":"7.1","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.22","versionEndExcluding":"6.6.140"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.22","versionEndExcluding":"6.12.86"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.22","versionEndExcluding":"6.18.27"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.22","versionEndExcluding":"7.0.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.22","versionEndExcluding":"7.1"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/d61482be4aae1835b78875761206241835a7510e"},{"url":"https://git.kernel.org/stable/c/7b89868305052b94a91b708c462bc2281fa42a4a"},{"url":"https://git.kernel.org/stable/c/76cb9a2d252274adfae6e293a292434631a7d472"},{"url":"https://git.kernel.org/stable/c/f55b383070170e988e4dec28be2af1714d258521"},{"url":"https://git.kernel.org/stable/c/0422e7a4883f25101903f3e8105c0808aa5f4ce9"}],"title":"rxrpc: Fix re-decryption of RESPONSE packets","x_generator":{"engine":"bippy-1.2.0"}}}}