CVE-2026-45988
Published May 27, 2026
Modified May 27, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix re-decryption of RESPONSE packets If a RESPONSE packet gets a temporary failure during processing, it may end up in a partially decrypted state - and then get requeued for a retry. Fix this by just discarding the packet; we will send another CHALLENGE packet and thereby elicit a further response. Similarly, discard an incoming CHALLENGE packet if we get an error whilst generating a RESPONSE; the server will send another CHALLENGE.
References
Other References
https://git.kernel.org/stable/c/0422e7a4883f25101903f3e8105c0808aa5f4ce9
https://git.kernel.org/stable/c/76cb9a2d252274adfae6e293a292434631a7d472
https://git.kernel.org/stable/c/7b89868305052b94a91b708c462bc2281fa42a4a
https://git.kernel.org/stable/c/d61482be4aae1835b78875761206241835a7510e
https://git.kernel.org/stable/c/f55b383070170e988e4dec28be2af1714d258521
Frequently Asked Questions
What is CVE-2026-45988? +
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix re-decryption of RESPONSE packets
If a RESPONSE packet gets a temporary failure during processing, it may end
up in a partially decrypted state - and then get requeued for a retry.
Fix this by just discarding the packet; we will send another CHALLENGE
packet and thereby elicit a further response. Similarly, discard an
incoming CHALLENGE packet if we get an error whilst generating a RESPONSE;
the server will send another CHALLENGE.
How do I check if I'm vulnerable to CVE-2026-45988? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.