Copyright © 2012 Red Hat, Inc. All rights reserved. Low 2026-05-27T00:00:00 kernel: SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CWE-772

A flaw was found in the Linux kernel's SUNRPC (Sun Remote Procedure Call) authentication GSS (Generic Security Service) module. This vulnerability occurs due to memory leaks in the XDR (eXternal Data Representation) decoding error paths within functions like gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name(). When these functions encounter a decoding error, previously allocated memory is not properly freed. This can lead to resource exhaustion and potentially a denial of service (DoS) for an affected system.

Red Hat Enterprise Linux 10 Fix deferred kernel Red Hat Enterprise Linux 6 Not affected kernel Red Hat Enterprise Linux 7 Fix deferred kernel Red Hat Enterprise Linux 7 Fix deferred kernel-rt Red Hat Enterprise Linux 8 Fix deferred kernel Red Hat Enterprise Linux 8 Fix deferred kernel-rt Red Hat Enterprise Linux 9 Fix deferred kernel Red Hat Enterprise Linux 9 Fix deferred kernel-rt https://www.cve.org/CVERecord?id=CVE-2026-45870 https://nvd.nist.gov/vuln/detail/CVE-2026-45870 https://lore.kernel.org/linux-cve-announce/2026052712-CVE-2026-45870-e178@gregkh/T