CVE-2026-46010

high

Description

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix error handling in rxgk_extract_token() Fix a missing bit of error handling in rxgk_extract_token(): in the event that rxgk_decrypt_skb() returns -ENOMEM, it should just return that rather than continuing on (for anything else, it generates an abort).

References

https://git.kernel.org/stable/c/c52803e925604e2a17962ab0c99dce2d3f7238db

https://git.kernel.org/stable/c/3476c8bb960f48e49355d6f93fb7673211e0163f

https://git.kernel.org/stable/c/293095ef618818852bac5488c1bc223935e2ca17

Details

Source: Mitre, NVD

Published: 2026-05-27

Updated: 2026-05-30

Risk Information

CVSS v2

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.1

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00017