CVE-2026-31642

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the rxrpc component where call removal from the rxnet->calls list used list del init() instead of list del rcu(). This could lead to an infinite loop when reading '/proc/net/rxrpc/calls'. The fix involves implementing RCU (Read-Copy Update) safe deletion, which is a synchronization mechanism that allows multiple readers to access data while it is being updated. Additionally, the rxrpc destroy all calls() function was modified to limit the number of dumped calls to prevent excessive processing, and rxrpc put call() was updated to handle call deletion unconditionally.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.