Primary

Context

Linux Kernel Sunrpc SVC_GARBAGE Handling Authentication Error Vulnerability Leading to Crash

Vulnerability

A vulnerability in the Linux kernel's sunrpc component allows for a remotely-triggered crash. This issue arises when a client sends a specially crafted packet to a kernel RPC server. If the RPC reply is decoded in a way that returns SVC_GARBAGE without properly setting the rq_accept_statp pointer, the pointer can be dereferenced, potentially leading to a crash or memory corruption. The sunrpc server code incorrectly treats a SVC_GARBAGE return as an authentication failure, which should be handled differently to avoid the crash.

Impact

Exploitation of this vulnerability causes a kernel crash or memory corruption.

Remediation

The vulnerability has been addressed in the official Linux kernel repository. Users should upgrade to the latest version.

Added: Jun 30, 2025, 8:19 AM

Updated: Jun 30, 2025, 8:19 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Sunrpc SVC_GARBAGE Handling Authentication Error Vulnerability Leading to Crash

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating