A recent Linux kernel update to versions 7.0.6 and 6.18.29 patches a nasty rxrpc bug that mishandled network packets carrying shared memory fragments. When applications route data through splice() or socket loops, the old code incorrectly assumed those pages belonged to the kernel and fed them straight into decryption routines without copying. This oversight could easily trigger out-of-memory crashes or corrupt sensitive traffic under heavy network load. The fix now properly isolates externally owned fragments while keeping zero-copy performance intact for standard kernel buffers, so users should grab the latest stable release to keep their networking stack secure and enjoy a smoother ride.

Linux Kernel Update Fixes rxrpc Packet Handling Bug That Could Leak Memory

A fresh Linux kernel update just dropped to patch a nasty memory handling flaw in the rxrpc network stack. The fix targets how DATA and RESPONSE packets get processed when they carry shared page fragments, which previously allowed external pages to slip into decryption routines without proper isolation. Users running recent stable branches will want to grab this release before fragmented network traffic triggers instability or data exposure.

Why the rxrpc patch matters for everyday systems

The remote procedure call subsystem handles a lot of background network traffic, especially on machines that sync files or talk to storage servers. When packets arrive with paged fragments instead of linear buffers, the old code assumed those pages belonged to the kernel. That assumption breaks when applications use splice() or socket loops to pass data around. External memory stays mapped while the crypto routines try to bind it directly into scatter-gather lists. The result is a race condition that can corrupt decryption keys or trigger out-of-memory crashes under heavy load. This update closes that gap by checking for shared fragments before skipping the unshare step. Systems relying on zero-copy networking keep their speed, but externally owned pages now get copied safely before hitting the security layer.

How to apply the Linux kernel update without breaking custom builds

Most distribution maintainers already pushed this into their stable trees, so a standard package manager refresh usually pulls in the fix automatically. Users who compile their own kernels need to grab either version 7.0.6 or 6.18.29 from the official archives. The patch touches network buffer management code, which means recompiling the networking modules is enough if the rest of the system stays on an older base. Testing a custom build after applying this change helps catch any driver conflicts before pushing to production machines. The fix does not change how standard desktop traffic flows, so everyday browsing and media streaming remain unaffected.

What happens when packet fragmentation slips through

Anyone who has chased down a sudden throughput drop after a bad driver update knows how easily fragmented packets can mask the real culprit. This specific rxrpc flaw mimics those symptoms because the kernel tries to decrypt data sitting in shared memory pages it does not own. The system either stalls while waiting for page locks that never resolve, or worse, writes decrypted output back into user space buffers without proper boundaries. Administrators who track packet traces will notice the same pattern repeating across multiple calls until the buffer handling gets corrected. Rolling out this update removes that trigger entirely and restores predictable memory accounting for network stacks. The original switch to skb_unshare() made a lazy assumption about shared fragments, which is exactly why this patch exists. Network debugging tools often become useless when the kernel itself mismanages packet buffers, so fixing the root cause saves hours of pointless tracing.

Linux kernel 7.0.6 released

Linux kernel version 7.0.6 is now available:

Full source: https://cdn.kernel.org/pub/linux/kernel/v7.x/linux-7.0.6.tar.xz
Patch: https://cdn.kernel.org/pub/linux/kernel/v7.x/patch-7.0.6.xz
PGP Signature: https://cdn.kernel.org/pub/linux/kernel/v7.x/linux-7.0.6.tar.sign

You can view the summary of the changes at the following URL:
https://git.kernel.org/stable/ds/v7.0.6/v7.0.5

Linux kernel 6.18.29 released

Linux kernel version 6.18.29 is now available:

Full source: https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.18.29.tar.xz
Patch: https://cdn.kernel.org/pub/linux/kernel/v6.x/patch-6.18.29.xz
PGP Signature: https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.18.29.tar.sign

You can view the summary of the changes at the following URL:
https://git.kernel.org/stable/ds/v6.18.29/v6.18.28

Keep those systems patched and watch the logs if traffic patterns suddenly shift. The networking layer handles enough edge cases without leaving shared pages exposed to crypto routines.