CVE-2026-46010

Linux · kernel

A missing error handling check in the Linux kernel rxrpc implementation can lead to improper state management during token extraction.

Executive summary

An error handling flaw in the Linux kernel rxrpc module potentially exposes the system to memory exhaustion or state corruption.

Vulnerability

The issue exists in rxgk_extract_token(), where a failure in rxgk_decrypt_skb() (specifically an -ENOMEM return) is not handled correctly. The function does not return on this error, so it continues processing in an invalid state.
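The bug class described above, as an added userspace model (not the kernel source or the upstream patch): a caller that lets one error code from its decrypt step fall through, next to the version that returns on every failure. The names model_skb, model_decrypt, extract_token_flawed and extract_token_fixed, the UNSET sentinel, and the exact shape of the flawed conditional are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

#define UNSET ((size_t)-1)  /* sentinel: the decrypt step never wrote this value */
struct model_skb { size_t size; int fail_with; };  /* constructed packet model */

/* Hypothetical stand-in for the decrypt step: on error it returns a negative
 * errno and leaves *offset and *len untouched. */
static int model_decrypt(const struct model_skb *skb, size_t *offset, size_t *len)
{
    if (skb->fail_with)
        return -skb->fail_with;
    *offset = 4;                /* constructed layout: 4-byte header */
    *len = skb->size - 4;
    return 0;
}

/* Flawed shape (assumed): -ENOMEM is not returned, so parsing continues. */
static int extract_token_flawed(const struct model_skb *skb, int *parsed_unset)
{
    size_t offset = UNSET, len = UNSET;
    int ret = model_decrypt(skb, &offset, &len);
    *parsed_unset = 0;
    if (ret < 0 && ret != -ENOMEM)
        return ret;
    /* Token parsing would start here; record whether its inputs were ever set. */
    *parsed_unset = (offset == UNSET || len == UNSET);
    return 0;
}

/* Hardened shape: every decrypt failure ends the function before parsing. */
static int extract_token_fixed(const struct model_skb *skb, int *parsed_unset)
{
    size_t offset = UNSET, len = UNSET;
    int ret = model_decrypt(skb, &offset, &len);
    *parsed_unset = 0;
    if (ret < 0)
        return ret;
    *parsed_unset = (offset == UNSET || len == UNSET);
    return 0;
}

int main(void)
{
    struct model_skb oom = { 64, ENOMEM };  /* constructed: decrypt hits -ENOMEM */
    int f, g, a = extract_token_flawed(&oom, &f), b = extract_token_fixed(&oom, &g);
    printf("flawed ret=%d unset=%d; fixed ret=%d unset=%d\n", a, f, b, g);
    return 0;
}
```

In the flawed variant the caller sees success even though the offset and length were never populated, which is the invalid state the advisory refers to.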

Business impact

The CVSS score of 8.1 (High) indicates a significant threat to system reliability. Improper error handling in the networking stack can be leveraged to induce system crashes or potentially facilitate more complex attacks, leading to downtime for critical network services.

Remediation

Immediate Action: Update to the latest kernel version provided by your distribution, which includes the necessary error handling logic for rxgk_extract_token().

Proactive Monitoring: Monitor system logs for kernel errors related to network subsystem failures or unexpected abort signals.

Compensating Controls: Implement network segmentation to limit the attack surface available to interact with rxrpc services.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Patching the kernel is the only effective way to remediate this logic flaw. IT teams should verify vendor security notices and schedule maintenance windows for the necessary kernel updates.