51 matches found
CVE-2026-45852 RDMA/rxe: Fix double free in rxe_srq_from_init
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix double free in rxesrqfrominit In rxesrqfrominit, the queue pointer 'q' is assigned to 'srq-rq.queue' before copying the SRQ number to user space. If copytouser fails, the function calls rxequeuecleanup to free the...
CVE-2026-45852
Summary of CVE-2026-45852 (Linux kernel RDMA/rxe): A double-free vulnerability exists in the rxe_srq_from_init path of the RDMA subsystem. The queue pointer is temporarily assigned to srq->rq.queue before copy_to_user(), so if copy_to_user() fails, cleanup frees the same memory twice when the ...
CVE-2026-45852
RDMA/rxe: Fix double free in rxesrqfrominit...
PT-2026-43719
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free issue exists in the RDMA/rxe component. In the rxe srq from init function, the queue pointer q is assigned to srq-rq.queue before the SRQ number is copied to user space. If...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Added a check for the srqmaxsge attribute. The maxsge attribute is provided by the user and is inserted and used unchecked. Therefore, ensure that the value does not exceed the maximum allowed value before using it...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1, and Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fixed deadlock issues with SRQ async events. The xalock function for the SRQ table may be required in AEQ. Use xastoreirq/xaeraseirq to avoid deadlock...
SUSE CVE-2026-31491
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Harden depth calculation functions An issue was exposed where OS can pass in U32MAX for SQ/RQ/SRQ size. This can cause integer overflow and truncation of SQ/RQ/SRQ depth returning a success when it should have failed...
IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()
...
CVE-2026-23289
A flaw was found in the Linux kernel's IB/mthca component. A local user could exploit this vulnerability by triggering a system call failure path related to the mthcacreatesrq function. This oversight leads to a missed unmapping of user database resources, resulting in a resource leak...
EUVD-2026-15218
In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthcaunmapuserdb for mthcacreatesrq Fix a user triggerable leak on the system call failure path...
CVE-2026-23289 IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()
In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthcaunmapuserdb for mthcacreatesrq Fix a user triggerable leak on the system call failure path...
CVE-2026-23289
In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthcaunmapuserdb for mthcacreatesrq Fix a user triggerable leak on the system call failure path...
RDMA/rxe: Fix null deref on srq->rq.queue after resize failure
...
SUSE CVE-2025-68379
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call may fail in...
CVE-2025-68379
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call may fail in...
AZL-73138 CVE-2025-68379 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call may fail in...
CVE-2025-68379 RDMA/rxe: Fix null deref on srq->rq.queue after resize failure
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call may fail in...
CVE-2025-68379 RDMA/rxe: Fix null deref on srq->rq.queue after resize failure
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call may fail in...
CVE-2025-68379
CVE-2025-68379 — In the Linux kernel, RDMA/rxe may dereference srq->rq.queue after a failed resize during a double ibv_modify_srq() call, causing a NULL pointer crash. The fix resolves null dereference in rxe_srq_chk_attr()/rxe_srq_from_attr() after a failed resize, preventing access to srq-&g...
Linux Distros Unpatched Vulnerability : CVE-2025-68379
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in...