CVE-2026-23335 RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()

🗓️ 25 Mar 2026 10:27:25Reported by LinuxType

Fix kernel stack leak in irdma_create_user_ah by zeroing reserved field in response struct.

Reporter	Title	Published	Views	Family All 51
ATTACKERKB	CVE-2026-23335	25 Mar 202610:27	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1543)	7 Apr 202600:00	–	nessus
Tenable Nessus	Debian dla-4561 : linux-config-6.1 - security update	2 May 202600:00	–	nessus
Tenable Nessus	Debian dsa-6238 : ata-modules-6.12.74+deb13+1-armmp-di - security update	30 Apr 202600:00	–	nessus
Tenable Nessus	Debian dsa-6243 : affs-modules-6.1.0-44-4kc-malta-di - security update	2 May 202600:00	–	nessus
Tenable Nessus	openSUSE 16 Security Update : kernel (openSUSE-SU-2026:20572-1)	22 Apr 202600:00	–	nessus
Tenable Nessus	Photon OS 5.0: Linux PHSA-2026-5.0-0813	11 Apr 202600:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2026-23335	25 Mar 202600:00	–	nessus
Amazon	Important: kernel6.12	7 Apr 202600:00	–	amazon
AstraLinux	Astra Linux – Vulnerability in Linux 5.10	3 May 202623:59	–	astralinux

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/infiniband/hw/irdma/verbs.c"
    ],
    "versions": [
      {
        "version": "b48c24c2d710cf34810c555dcef883a3d35a9c08",
        "lessThan": "1f70df004fdd944653013ccc2e1dfd472a693b46",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "b48c24c2d710cf34810c555dcef883a3d35a9c08",
        "lessThan": "14b47c07c69930254f549a17ee245c80a65b1609",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "b48c24c2d710cf34810c555dcef883a3d35a9c08",
        "lessThan": "1b1fac4c7a3ab7f52e9cfb91e5c91216646ca4d8",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "b48c24c2d710cf34810c555dcef883a3d35a9c08",
        "lessThan": "2fd37450d271d74b3847baed284f9cfdf198c6f8",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "b48c24c2d710cf34810c555dcef883a3d35a9c08",
        "lessThan": "cfe962216c164fe2b1c1fb6ac925a7413f5abc84",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "b48c24c2d710cf34810c555dcef883a3d35a9c08",
        "lessThan": "c9bd0007c4bdb7806bbd323287e50f9cf467c51a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "b48c24c2d710cf34810c555dcef883a3d35a9c08",
        "lessThan": "74586c6da9ea222a61c98394f2fc0a604748438c",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/infiniband/hw/irdma/verbs.c"
    ],
    "versions": [
      {
        "version": "5.14",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.14",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.203",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.167",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.6.130",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.12.77",
        "lessThanOrEqual": "6.12.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18.17",
        "lessThanOrEqual": "6.18.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.19.7",
        "lessThanOrEqual": "6.19.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.0",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/14b47c07c69930254f549a17ee245c80a65b1609
git	www.git.kernel.org/stable/c/cfe962216c164fe2b1c1fb6ac925a7413f5abc84
git	www.git.kernel.org/stable/c/1b1fac4c7a3ab7f52e9cfb91e5c91216646ca4d8
git	www.git.kernel.org/stable/c/1f70df004fdd944653013ccc2e1dfd472a693b46
git	www.git.kernel.org/stable/c/74586c6da9ea222a61c98394f2fc0a604748438c
git	www.git.kernel.org/stable/c/2fd37450d271d74b3847baed284f9cfdf198c6f8
git	www.git.kernel.org/stable/c/c9bd0007c4bdb7806bbd323287e50f9cf467c51a

11 May 2026 22:04Current

EPSS0.00123