Linux Kernel RxRPC Connection Abort Handling Vulnerability

Vulnerability

A vulnerability in the Linux kernel's RxRPC implementation has been addressed. The issue involved improper handling of received connection aborts: the abort was recognized at the connection level but was not effectively propagated to the associated calls, causing them to hang indefinitely. The fix ensures that calls are properly awakened to process their termination after a connection abort, and also introduces additional tracing for logging these connection aborts.

Impact

The vulnerability could lead to a denial-of-service condition, where calls hang indefinitely due to unprocessed connection aborts.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.