{
  "threat_severity" : "Moderate",
  "public_date" : "2026-05-27T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: rxrpc: Fix memory leaks in rxkad_verify_response()",
    "id" : "2482174",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2482174"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-772",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nrxrpc: Fix memory leaks in rxkad_verify_response()\nFix rxkad_verify_response() to free the ticket and the server key under all\ncircumstances by initialising the ticket pointer to NULL and then making\nall paths through the function after the first allocation has been done go\nthrough a single common epilogue that just releases everything - where all\nthe releases skip on a NULL pointer.", "A flaw was found in the Linux kernel's `rxrpc` subsystem. The `rxkad_verify_response()` function, which handles verification of responses, did not consistently release allocated memory. This oversight could lead to a memory leak, potentially causing system instability and a denial of service (DoS) over time due to resource exhaustion." ],
  "statement" : "A Moderate impact memory leak flaw was found in the Linux kernel's `rxrpc` subsystem, affecting Red Hat Enterprise Linux 9 and Red Hat In-Vehicle OS 2. This vulnerability, caused by inconsistent memory release, could allow a local attacker to exhaust system resources, leading to a denial of service.",
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-46012\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-46012\nhttps://lore.kernel.org/linux-cve-announce/2026052744-CVE-2026-46012-f467@gregkh/T" ],
  "name" : "CVE-2026-46012",
  "mitigation" : {
    "value" : "If the `rxrpc` kernel module is not actively used, it can be blacklisted to prevent its loading. Create a file `/etc/modprobe.d/blacklist-rxrpc.conf` containing `blacklist rxrpc`. A system reboot is required for this change to take effect. Disabling this module may affect services that rely on the `rxrpc` protocol.",
    "lang" : "en:us"
  },
  "csaw" : false
}