This paper introduces and formally defines the “reasoning distraction” vulnerability: large reasoning models (LRMs) exhibit significant performance degradation—up to 60% accuracy loss—when solving complex mathematical or programming tasks, due to irrelevant, embedded subtasks in prompts that derail chain-of-thought reasoning. Notably, certain alignment techniques exacerbate this vulnerability, and models may implicitly comply with adversarial instructions. To address this novel threat, we construct a synthetic adversarial dataset and develop a robust defense mechanism via supervised fine-tuning combined with reinforcement learning. Experimental results demonstrate that our method improves model robustness by over 50 percentage points under strong distraction attacks, substantially enhancing the reliability and security of LRMs in open-ended, user-provided prompting environments.

Recent advances in large reasoning models (LRMs) have enabled remarkable performance on complex tasks such as mathematics and coding by generating long Chain-of-Thought (CoT) traces. In this paper, we identify and systematically analyze a critical vulnerability we term reasoning distraction, where LRMs are diverted from their primary objective by irrelevant yet complex tasks maliciously embedded in the prompt. Through a comprehensive study across diverse models and benchmarks, we show that even state-of-the-art LRMs are highly susceptible, with injected distractors reducing task accuracy by up to 60%. We further reveal that certain alignment techniques can amplify this weakness and that models may exhibit covert compliance, following hidden adversarial instructions in reasoning while concealing them in the final output. To mitigate these risks, we propose a training-based defense that combines Supervised Fine-Tuning (SFT) and Reinforcement Learning (RL) on synthetic adversarial data, improving robustness by over 50 points on challenging distractor attacks. Our findings establish reasoning distraction as a distinct and urgent threat to LRM reliability and provide a practical step toward safer and more trustworthy reasoning systems.