Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*, +4 more
A vulnerability in the Linux kernel's AF_RXRPC implementation can lead to a kernel oops error. This issue occurs when a service socket is opened and bound, but calls are preallocated. In such cases, the function 'rxrpc_alloc_incoming_call()' fails because the 'rxrpc_backlog' structure is not allocated until the first preallocation occurs. The vulnerability affects several versions of the Linux kernel.
The vulnerability causes a kernel oops error, which can lead to a system crash or instability.
To reproduce this vulnerability, open and bind an AF_RXRPC service socket, then preallocate calls without first allocating the 'rxrpc_backlog' structure. This will trigger the 'rxrpc_alloc_incoming_call()' function to fail, causing a kernel oops error.
Users can apply the available patch to address this vulnerability. The patch is included in the Linux kernel stable tree.