rxrpc: Fix call removal to use RCU safe deletion

MITRE NVD CVE.ORG JSON API Print: PDF PDF

Summary

CVECVE-2026-31642
StatePUBLISHED
AssignerLinux
Source PriorityCVE Program / NVD first with legacy fallback
Published2026-04-24 15:16:43 UTC
Updated2026-04-24 17:51:40 UTC
DescriptionIn the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet->calls list to use list_del_rcu() rather than list_del_init() to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an infinite loop. This, however, means that list_empty() no longer works on an entry that's been deleted from the list, making it harder to detect prior deletion. Fix this by: Firstly, make rxrpc_destroy_all_calls() only dump the first ten calls that are unexpectedly still on the list. Limiting the number of steps means there's no need to call cond_resched() or to remove calls from the list here, thereby eliminating the need for rxrpc_put_call() to check for that. rxrpc_put_call() can then be fixed to unconditionally delete the call from the list as it is the only place that the deletion occurs.

Vendor Declared Affected Products

SourceVendorProductVersionPlatforms
CNA Linux Linux affected 2baec2c3f854d1f79c7bb28386484e144e864a14 93fc15be44a35b8e3c58d0238ac0d9b7c53465ff git Not specified
CNA Linux Linux affected 2baec2c3f854d1f79c7bb28386484e144e864a14 c63abf25203b50243fe228090526f9dbf37727bd git Not specified
CNA Linux Linux affected 2baec2c3f854d1f79c7bb28386484e144e864a14 3be718f659683ad89fad6f1eb66bee99727cae64 git Not specified
CNA Linux Linux affected 2baec2c3f854d1f79c7bb28386484e144e864a14 ac5f54691be06a32246179d41be2d73598036deb git Not specified
CNA Linux Linux affected 2baec2c3f854d1f79c7bb28386484e144e864a14 146d4ab94cf129ee06cd467cb5c71368a6b5bad6 git Not specified
CNA Linux Linux affected 4.13 Not specified
CNA Linux Linux unaffected 4.13 semver Not specified
CNA Linux Linux unaffected 6.6.135 6.6.* semver Not specified
CNA Linux Linux unaffected 6.12.82 6.12.* semver Not specified
CNA Linux Linux unaffected 6.18.23 6.18.* semver Not specified
CNA Linux Linux unaffected 6.19.13 6.19.* semver Not specified
CNA Linux Linux unaffected 7.0 * original_commit_for_fix Not specified

References

ReferenceSourceLinkTags
git.kernel.org/stable/c/3be718f659683ad89fad6f1eb66bee99727cae64 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/93fc15be44a35b8e3c58d0238ac0d9b7c53465ff 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/c63abf25203b50243fe228090526f9dbf37727bd 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/146d4ab94cf129ee06cd467cb5c71368a6b5bad6 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
git.kernel.org/stable/c/ac5f54691be06a32246179d41be2d73598036deb 416baaa9-dc9f-4396-8d5f-8c081fb06d67 git.kernel.org
CVE Program record CVE.ORG www.cve.org canonical
NVD vulnerability detail NVD nvd.nist.gov canonical, analysis
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report