CVE-2026-46085
Published May 27, 2026
Modified May 27, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxkad crypto unalignment handling Fix handling of a packet with a misaligned crypto length. Also handle non-ENOMEM errors from decryption by aborting. Further, remove the WARN_ON_ONCE() so that it can't be remotely triggered (a trace line can still be emitted).
References
Other References
https://git.kernel.org/stable/c/440d20d95e844b657a93a0b2dcc2aae155efdce6
https://git.kernel.org/stable/c/af9271eb666d07b6f65612dc160a47f7cb5220ed
https://git.kernel.org/stable/c/def304aae2edf321d2671fd6ca766a93c21f877e
https://git.kernel.org/stable/c/f0d3efd03b2a9e0f1ffa6df8fcb264af3d494286
https://git.kernel.org/stable/c/f1c6bd0cc786a8fa74829ce3c4b3673944a308f4
Frequently Asked Questions
What is CVE-2026-46085? +
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix rxkad crypto unalignment handling
Fix handling of a packet with a misaligned crypto length. Also handle
non-ENOMEM errors from decryption by aborting. Further, remove the
WARN_ON_ONCE() so that it can't be remotely triggered (a trace line can
still be emitted).
How do I check if I'm vulnerable to CVE-2026-46085? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.