In the Linux kernel, the following vulnerability has been resolved:

rxrpc: Fix rxkad crypto unalignment handling

Fix handling of a packet with a misaligned crypto length. Also handle
non-ENOMEM errors from decryption by aborting. Further, remove the
WARN_ON_ONCE() so that it can't be remotely triggered (a trace line can
still be emitted).

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00018.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Linux Linux unaffected
Version Status Constraints
9853917f9edf08efb0b55c26d9eb8340f126d9e9 affected < f1c6bd0cc786a8fa74829ce3c4b3673944a308f4
e9c369d58785044427450350ad32d6a2497fb379 affected < 440d20d95e844b657a93a0b2dcc2aae155efdce6
bf4d6e4a6856eedeb7f66eb91224115bfff4e2cb affected < f0d3efd03b2a9e0f1ffa6df8fcb264af3d494286
f93af41b9f5f798823d0d0fb8765c2a936d76270 affected < af9271eb666d07b6f65612dc160a47f7cb5220ed
f93af41b9f5f798823d0d0fb8765c2a936d76270 affected < def304aae2edf321d2671fd6ca766a93c21f877e
5cdf57eda01a1ffaeb61ac39ec4dcc94a690431e affected
6.6.135 affected < 6.6.140
6.12.82 affected < 6.12.86
6.18.23 affected < 6.18.27
6.19.13 affected < 6.20
Linux Linux affected
Version Status Constraints
7.0 affected
0 unaffected < 7.0
6.6.140 unaffected ≤ 6.6.*
6.12.86 unaffected ≤ 6.12.*
6.18.27 unaffected ≤ 6.18.*
7.0.4 unaffected ≤ 7.0.*
7.1-rc1 unaffected ≤ *

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors Products
Linux Subscribe
Linux Kernel Subscribe

Project Subscriptions

Vendors Products
Linux Subscribe
Linux Kernel Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://git.kernel.org/stable/c/440d20d95e844b657a93a0b2dcc2aae155efdce6 cve-icon cve-icon
https://git.kernel.org/stable/c/af9271eb666d07b6f65612dc160a47f7cb5220ed cve-icon cve-icon
https://git.kernel.org/stable/c/def304aae2edf321d2671fd6ca766a93c21f877e cve-icon cve-icon
https://git.kernel.org/stable/c/f0d3efd03b2a9e0f1ffa6df8fcb264af3d494286 cve-icon cve-icon
https://git.kernel.org/stable/c/f1c6bd0cc786a8fa74829ce3c4b3673944a308f4 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026052701-CVE-2026-46085-4a40@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-46085 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-46085 cve-icon
History

Thu, 28 May 2026 04:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-787

Thu, 28 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-1284
References

Wed, 27 May 2026 20:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-787

Wed, 27 May 2026 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxkad crypto unalignment handling Fix handling of a packet with a misaligned crypto length. Also handle non-ENOMEM errors from decryption by aborting. Further, remove the WARN_ON_ONCE() so that it can't be remotely triggered (a trace line can still be emitted).
Title rxrpc: Fix rxkad crypto unalignment handling
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-27T12:58:27.125Z

Reserved: 2026-05-13T15:03:33.096Z

Link: CVE-2026-46085

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:17:29.963

Modified: 2026-05-27T14:48:03.013

Link: CVE-2026-46085

cve-icon Redhat

Severity :

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2026-46085 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-28T05:45:05Z

Weaknesses