kernel: Linux kernel: Denial of service and memory corruption in RDMA umad

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...

EUVD-2026-27691

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix double dmabufunpin in failure path In ibumemdmabufgetpinnedwithdmadevice, the call to ibumemdmabufmappages can fail. If this occurs, the dmabuf is immediately unpinned but the umemdmabuf-pinned flag is still set...

DEBIAN-CVE-2026-31565

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix deadlock during netdev reset with active connections Resolve deadlock that occurs when user executes netdev reset while RDMA applications e.g., rping are active. The netdev reset causes ice driver to remove irdma...

CVE-2026-31565

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix deadlock during netdev reset with active connections Resolve deadlock that occurs when user executes netdev reset while RDMA applications e.g., rping are active. The netdev reset causes ice driver to remove irdma...

EUVD-2026-25458

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix deadlock during netdev reset with active connections Resolve deadlock that occurs when user executes netdev reset while RDMA applications e.g., rping are active. The netdev reset causes ice driver to remove irdma...

CVE-2026-31491

A flaw was found in the Linux kernel's RDMA/irdma component. A local attacker could exploit an integer overflow and truncation vulnerability when the operating system passes a maximum unsigned 32-bit integer U32MAX for SQ/RQ/SRQ size. This can lead to the system incorrectly reporting a successful...

CVE-2026-31493

A flaw was found in the Linux kernel's RDMA/efa component. When an admin command completes with an error during admin queue completion handling, the system attempts to print data from a completion context that has already been freed. This use-after-free vulnerability can lead to the disclosure of...

CVE-2026-31493

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix use of completion ctx after free On admin queue completion handling, if the admin command completed with error we print data from the completion context. The issue is that we already freed the completion context in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013774)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013774 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix kernel NULL pointer dereference error When rxequeueinit in the function rxeqpinitre...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011078)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011078 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-dere...

PT-2026-32351

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Reliable Delivery Service RDS implementation for InfiniBand IB. The function rds ib get mr allows FRMR memory registration to proceed before an IB connection is full...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005643 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, t...

ROS-20260220-73-0007

A vulnerability in the mlx5 driver of the RDMA subsystem of the Linux kernel is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker to escalate privileges, execute arbitrary code, or cause a denial of service...

kernel: RDMA/rxe: Fix incomplete state save in rxe_requester

An incorrect state restoration flaw was found in the Linux kernel's RDMA rxe soft-RoCE driver in the requester packet transmission logic. A local user with access to RDMA devices can trigger this issue when network layer packet drops occur during RDMA send operations, causing the work queue eleme...

RHEL 9 : kernel (RHSA-2026:2352)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2352 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: sched: schcake: add bounds...

kernel: Linux kernel: RDMA/rxe use-after-free vulnerability leading to potential arbitrary code execution

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the rxe component. This use-after-free vulnerability occurs in the rxecreatecq function. When the rxecqfrominit function fails, the subsequent call to rxecleanup attempts to free memory resource...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005026)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005026 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Ensure rdmaaddrcancel happens before issuing more requests The FSM can run in a circle...

ROS-20260126-73-0002

A vulnerability in the RDMA/mlx5 component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260126-73-0052

A vulnerability in the RDMA/cma component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-71157

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: always drop device refcount in ibdelsubdeviceandput Since nldevdeldev introduced by commit 060c642b2ab8 "RDMA/nldev: Add support to add/delete a sub IB device through netlink" grabs a reference using ibdevicegetbyindex...