CVE-2026-31643

Published: Apr 24, 2026

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key parsing memleak In rxrpc_preparse_xdr_yfs_rxgk(), the memory attached to token->rxgk can be leaked in a few error paths after it's allocated. Fix this by freeing it in the "reject_token:" case.

Vendor	Product	Versions
Linux	Linux	affected `0ca100ff4df64f5d0f6c1dd5080c3e096786bea6 - < d5f76f812d2c0ea6dd651b0586be49e85ecca085` affected `0ca100ff4df64f5d0f6c1dd5080c3e096786bea6 - < 01f51318feb626deee1d0c8a190198cd7857d599` affected `0ca100ff4df64f5d0f6c1dd5080c3e096786bea6 - < b555912b9b21075e8298015f888ffe3ff60b1a97`
Linux	Linux	affected `6.16` unaffected `0 - < 6.16` unaffected `6.18.23 - <= 6.18.` unaffected `6.19.13 - <= 6.19.` unaffected `7.0 - <= *`

References

https://git.kernel.org/stable/c/d5f76f812d2c0ea6dd651b0586be49e85ecca085

https://git.kernel.org/stable/c/01f51318feb626deee1d0c8a190198cd7857d599

https://git.kernel.org/stable/c/b555912b9b21075e8298015f888ffe3ff60b1a97

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-31643

Description

Affected Products

References