Impact
The vulnerability arises when skb_unshare() fails to unshare a packet due to an allocation failure during rxrpc_input_packet(). This results in the packet pointer being set to NULL in the parent rxrpc_io_thread(), leading to a null‑pointer dereference when trace_rxrpc_rx_done() is called. The consequence is a kernel oops, effectively crashing the system. The flaw is a use‑after‑free style issue that can cause a critical denial of service by exhausting resources or corrupting packet handling. The vulnerability does not directly expose sensitive data but it disrupts system availability and can be used by an attacker to destabilize the kernel.
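The failure path described above, as an added userspace model (not kernel code and not the upstream patch). All names (pkt, pkt_unshare, input_packet, trace_rx_done, io_thread_step) are hypothetical stand-ins, and the guard shown is one way to avoid the dereference, assumed here for illustration.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model only; every name here is a hypothetical stand-in. */
struct pkt { int seq; int cloned; };
enum outcome { TRACED, DROPPED, WOULD_OOPS };

/* Like skb_unshare(): copy a cloned buffer; if the copy cannot be
 * allocated, free the original and return NULL. */
static struct pkt *pkt_unshare(struct pkt *p, int alloc_fails)
{
    struct pkt *n;
    if (!p->cloned)
        return p;                       /* not shared, nothing to copy */
    n = alloc_fails ? NULL : malloc(sizeof(*n));
    if (n) *n = (struct pkt){ p->seq, 0 };
    free(p);                            /* original is released either way */
    return n;
}

/* Callee: overwrites the caller's pointer with the unshare result. */
static int input_packet(struct pkt **pp, int alloc_fails)
{
    *pp = pkt_unshare(*pp, alloc_fails);
    return *pp ? 0 : -1;
}

static int trace_rx_done(const struct pkt *p) { return p->seq; }

/* Caller: 'guarded' selects whether the pointer is re-checked before tracing. */
static enum outcome io_thread_step(int cloned, int alloc_fails, int guarded)
{
    struct pkt *p = calloc(1, sizeof(*p));
    if (!p)
        return DROPPED;
    p->cloned = cloned;
    input_packet(&p, alloc_fails);
    if (!p)     /* unguarded code would call trace_rx_done(NULL) here */
        return guarded ? DROPPED : WOULD_OOPS;
    trace_rx_done(p);
    free(p);
    return TRACED;
}

int main(void)
{
    printf("unguarded=%d guarded=%d normal=%d\n", io_thread_step(1, 1, 0),
           io_thread_step(1, 1, 1), io_thread_step(1, 0, 0));
    return 0;
}
```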
Affected Systems
The affected systems are all Linux kernel builds that include the RXRPC networking stack and have not yet incorporated the fix commit (c/1f2740150f904bfa60e4bad74d65add3ccb5e7f8). The patch was applied to the mainline kernel, so any system shipping a kernel version prior to that commit is potentially affected. Specific version ranges are not listed in the CNA data; administrators should check the kernel changelog for the inclusion of the referenced patches.
Risk and Exploitability
A formal CVSS score is not provided and an EPSS score is not available, but the vulnerability can cause a kernel crash, so it carries a high impact rating. The risk of exploitation is uncertain: the flaw requires sending an RXRPC packet that triggers an allocation failure, which may be difficult to reliably reproduce in a production environment. The vulnerability is not listed in CISA's KEV catalog, indicating no known active exploitation at the time of the advisory. However, given the potential for DoS, administrators should treat this as a high‑risk issue for systems that process RXRPC traffic.