CVE-2026-46325 RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE

🗓️ 09 Jun 2026 12:25:52Reported by LinuxType

RDMA rxe fixes iova-to-va for MR pages not equal to PAGE_SIZE using preallocated page array.

Reporter	Title	Published	Views	Family All 12
CVE	CVE-2026-46325	9 Jun 202612:25	–	cve
Debian CVE	CVE-2026-46325	9 Jun 202612:25	–	debiancve
EUVD	EUVD-2026-35426	9 Jun 202612:25	–	euvd
NVD	CVE-2026-46325	9 Jun 202614:16	–	nvd
OSV	BELL-CVE-2026-46325	10 Jun 202606:10	–	osv
OSV	DEBIAN-CVE-2026-46325	9 Jun 202614:16	–	osv
OSV	ROOT-OS-DEBIAN-13-CVE-2026-46325 CVE-2026-46325 in rootio-linux - Patched by Root	12 Jun 202604:24	–	osv
OSV	UBUNTU-CVE-2026-46325	9 Jun 202614:16	–	osv
Positive Technologies	PT-2026-47783	9 Jun 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-46325	9 Jun 202616:38	–	redhatcve

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/infiniband/sw/rxe/rxe_mr.c",
      "drivers/infiniband/sw/rxe/rxe_verbs.h"
    ],
    "versions": [
      {
        "version": "592627ccbdff0ec6fff00fc761142a76db750dd4",
        "lessThan": "409c2c5508f3d30627bea576f8676de523cb906e",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "592627ccbdff0ec6fff00fc761142a76db750dd4",
        "lessThan": "836f6c13c9674027793f720be3f15ecd2b90b6ca",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "592627ccbdff0ec6fff00fc761142a76db750dd4",
        "lessThan": "12985e5915a0b8354796efadaaeb201eed115377",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0e443760b8b7b1e6723f4408afa056b2bc4fea12",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "6.2.3",
        "lessThan": "6.3",
        "status": "affected",
        "versionType": "semver"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/infiniband/sw/rxe/rxe_mr.c",
      "drivers/infiniband/sw/rxe/rxe_verbs.h"
    ],
    "versions": [
      {
        "version": "6.3",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.3",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.18.14",
        "lessThanOrEqual": "6.18.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.19.4",
        "lessThanOrEqual": "6.19.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "7.0",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/12985e5915a0b8354796efadaaeb201eed115377
git	www.git.kernel.org/stable/c/836f6c13c9674027793f720be3f15ecd2b90b6ca
git	www.git.kernel.org/stable/c/409c2c5508f3d30627bea576f8676de523cb906e

09 Jun 2026 12:25Current

EPSS0.00017