CVE-2026-23118

ADVISORY - nist

Summary

In the Linux kernel, the following vulnerability has been resolved:

rxrpc: Fix data-race warning and potential load/store tearing

Fix the following:

    BUG: KCSAN: data-race in rxrpc_peer_keepalive_worker / rxrpc_send_data_packet

which is reporting an issue with the reads and writes to ->last_tx_at in:

    conn->peer->last_tx_at = ktime_get_seconds();

and:

    keepalive_at = peer->last_tx_at + RXRPC_KEEPALIVE_TIME;

The lockless accesses to these to values aren't actually a problem as the read only needs an approximate time of last transmission for the purposes of deciding whether or not the transmission of a keepalive packet is warranted yet.

Also, as ->last_tx_at is a 64-bit value, tearing can occur on a 32-bit arch.

Fix both of these by switching to an unsigned int for ->last_tx_at and only storing the LSW of the time64_t. It can then be reconstructed at need provided no more than 68 years has elapsed since the last transmission.

EPSS Score: 0.00086 (0.004)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')


NIST

CREATED

UPDATED

EXPLOITABILITY SCORE

1

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

4.7medium

Debian

CREATED

UPDATED

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

UPDATED

EXPLOITABILITY SCORE

1.0

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

4.7medium

Oracle

CREATED

UPDATED

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh