What is CVE-2026-31641?

CVE-2026-31641 is a high-severity vulnerability in Linux. CVSS score: 7.8/10. Published 2026-04-24.

How severe is CVE-2026-31641?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Linux

CVE-2026-31641

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpc_preparse_xdr_yfs_rxgk() reads the raw key length and ticket length from the XDR token as u32 values and passes each t…

EPSS: 0.000 (3.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Linux — versions 0ca100ff4df64f5d0f6c1dd5080c3e096786bea6, 6.16, 0

References

git.kernel.org/stable/c/3e04596cba8a86cbff9c3f4bf0a524a3a488773c
git.kernel.org/stable/c/49875b360c2b83a3c226e189c502e501d83e6445
git.kernel.org/stable/c/d179a868dd755b0cfcf7582e00943d702b9943b8

Frequently asked questions

What is CVE-2026-31641?: CVE-2026-31641 is a high-severity vulnerability in Linux. CVSS score: 7.8/10. Published 2026-04-24.
How severe is CVE-2026-31641?: High severity. CVSS v3 base score is 7.8 out of 10.