CVE-2026-31642

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> rxrpc: Fix call removal to use RCU safe deletion<br /> <br /> Fix rxrpc call removal from the rxnet-&gt;calls list to use list_del_rcu()<br /> rather than list_del_init() to prevent stuffing up reading<br /> /proc/net/rxrpc/calls from potentially getting into an infinite loop.<br /> <br /> This, however, means that list_empty() no longer works on an entry that&amp;#39;s<br /> been deleted from the list, making it harder to detect prior deletion. Fix<br /> this by:<br /> <br /> Firstly, make rxrpc_destroy_all_calls() only dump the first ten calls that<br /> are unexpectedly still on the list. Limiting the number of steps means<br /> there&amp;#39;s no need to call cond_resched() or to remove calls from the list<br /> here, thereby eliminating the need for rxrpc_put_call() to check for that.<br /> <br /> rxrpc_put_call() can then be fixed to unconditionally delete the call from<br /> the list as it is the only place that the deletion occurs.