CVE-2026-31642
Published: Apr 24, 2026
Modified: Jun 1, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet->calls list to use list_del_rcu() rather than list_del_init() to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an infinite loop. This, however, means that list_empty() no longer works on an entry that's been deleted from the list, making it harder to detect prior deletion. Fix this by: Firstly, make rxrpc_destroy_all_calls() only dump the first ten calls that are unexpectedly still on the list. Limiting the number of steps means there's no need to call cond_resched() or to remove calls from the list here, thereby eliminating the need for rxrpc_put_call() to check for that. rxrpc_put_call() can then be fixed to unconditionally delete the call from the list as it is the only place that the deletion occurs.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 2baec2c3f854d1f79c7bb28386484e144e864a14 - < 3e47a38e584b905359fe0ce5be5165d1e8592a90affected 2baec2c3f854d1f79c7bb28386484e144e864a14 - < b15b1ce96777b88989a6a4de8d01efbcd81ad2d7affected 2baec2c3f854d1f79c7bb28386484e144e864a14 - < 280efb85e9759881a9d31d0874baa04583cb6c09affected 2baec2c3f854d1f79c7bb28386484e144e864a14 - < 93fc15be44a35b8e3c58d0238ac0d9b7c53465ffaffected 2baec2c3f854d1f79c7bb28386484e144e864a14 - < c63abf25203b50243fe228090526f9dbf37727bd+3 more versions |
Linux | Linux | affected 4.13unaffected 0 - < 4.13unaffected 5.10.258 - <= 5.10.*unaffected 5.15.209 - <= 5.15.*unaffected 6.1.175 - <= 6.1.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now