CVE-2026-31640 HIGH

CVE-2026-31640: rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial

Vendor Linux
Product Linux
Published April 24, 2026
Last update May 11, 2026

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial In rxrpc_post_response(), the code should be comparing the challenge serial number from the cached response before deciding to switch to a newer response, but looks at the newer packet private data instead, rendering the comparison always false. Fix this by switching to look at the older packet. Fix further[1] to substitute the new packet in place of the old one if newer and also to release whichever we don't use.

Key dates

02Disclosure timeline

April 24, 2026 CVE published
May 11, 2026 Record updated