CRITICAL
rxrpc Ticket Decrypt Bypass
CVE-2026-31637
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
KernelScan AI: 9.8 CRITICAL
01 Description
In the Linux kernel, the following vulnerability has been resolved:

rxrpc: reject undecryptable rxkad response tickets

rxkad_decrypt_ticket() decrypts the RXKAD response ticket and then parses the buffer as plaintext without checking whether crypto_skcipher_decrypt() succeeded.

A malformed RESPONSE can therefore use a non-block-aligned ticket length, make the decrypt operation fail, and still drive the ticket parser with attacker-controlled bytes.

Check the decrypt result and abort the connection with RXKADBADTICKET when ticket decryption fails.
02 KernelScan AI Analysis
Risk summary
Remote attackers can send malformed RxRPC authentication tickets that bypass decryption validation, allowing them to control ticket parsing with arbitrary data. This can lead to memory corruption and potential remote code execution without authentication.
Vulnerability analysis
The vulnerability exists in rxkad_decrypt_ticket(), where the return value of crypto_skcipher_decrypt() is ignored, so a failed decryption still proceeds to parsing uninitialized or attacker-controlled buffer contents. An attacker can craft RXKAD response packets with non-block-aligned ticket lengths to trigger decryption failure while still driving the ticket parser. The fix adds proper error checking and aborts the connection with RXKADBADTICKET when decryption fails. This is network-reachable through the RxRPC protocol without requiring authentication.
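The unchecked-return pattern described above, reduced to a userspace C model. This is an added example, not the kernel's rxkad code and not part of the original advisory. The toy XOR cipher, the 8-byte block size, the one-byte parser and all function names are assumptions; only the decrypt-then-parse shape and the RXKADBADTICKET abort come from the page.

```c
/* Userspace model of the flaw; added example, not the kernel's rxkad code. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BLOCK 8                  /* block size assumed for this model */
#define RXKADBADTICKET 19270407  /* abort code named in the advisory (value from <linux/rxrpc.h>) */

/* Stand-in for crypto_skcipher_decrypt(): returns an error and leaves the
 * buffer untouched when len is not a whole number of blocks. */
static int model_decrypt(uint8_t *buf, size_t len, uint8_t key)
{
    if (len == 0 || len % BLOCK)
        return -EINVAL;
    for (size_t i = 0; i < len; i++)
        buf[i] ^= key;           /* toy cipher, for the demo only */
    return 0;
}

/* Hypothetical parser: treats the first plaintext byte as a field length. */
static int parse_ticket(const uint8_t *buf, size_t len)
{
    return len ? buf[0] : -EPROTO;
}

/* Pre-fix shape: the decrypt result is dropped and parsing always runs. */
int ticket_unchecked(uint8_t *buf, size_t len, uint8_t key)
{
    model_decrypt(buf, len, key);
    return parse_ticket(buf, len);
}

/* Post-fix shape: a failed decrypt sets the abort code and skips parsing. */
int ticket_checked(uint8_t *buf, size_t len, uint8_t key, uint32_t *abort_code)
{
    if (model_decrypt(buf, len, key) < 0) {
        *abort_code = RXKADBADTICKET;
        return -EPROTO;
    }
    return parse_ticket(buf, len);
}

/* Constructed input: a buffer of 0xee bytes standing in for sender-chosen data. */
int demo(int checked, size_t len, uint32_t *abort_code)
{
    uint8_t t[16];
    memset(t, 0xee, sizeof(t));
    return checked ? ticket_checked(t, len, 0x5a, abort_code)
                   : ticket_unchecked(t, len, 0x5a);
}
```

With a 13-byte length the unchecked path hands the raw 0xee byte to the parser, while the checked path stops with RXKADBADTICKET; with a 16-byte length both paths parse the decrypted value.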
03 Fix Versions
| Branch | Fixed in | Patch commit |
|---|---|---|
| 5.10 | 5.10.258 | 252157d939d1 |
| 5.15 | 5.15.209 | a75b3b361dd4 |
| 6.1 | 6.1.175 | b3a808cd0790 |
| 6.12 | 6.12.82 | a149dcae2330 |
| 6.18 | 6.18.23 | 22f6258e7b31 |
| 6.19 | 6.19.13 | 58fcd1b15615 |
| 6.6 | 6.6.135 | 47073aab8a3a |
| mainline | 7.0 | fe4447cd9562 |