CVE-2026-46117

CVE-2026-46117 affects the Linux kernel RDMA/mana component. The issue arises when a user can configure Work Queues to share the same Completion Queue via the uAPI, which triggers a user-writable WARN_ON() and can lead to kernel corruption. The vulnerability has been resolved by removing the trig...

EUVD-2026-32876

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

CVE-2026-46117 RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an cleanup error in manadestroywqobj within manaibcreateqprss. This vulnerability may lead to double...

Oracle Universal Work Queue 安全漏洞

Oracle Universal Work Queue is a flexible work presentation and access tool developed by Oracle, a company in the United States. This software provides centralized viewing of work, access requests, and organization of work, thereby improving efficiency and productivity. Versions 12.2.3 to 12.2.15...

PT-2026-44520

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

PT-2026-44249

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the RDMA mana component where the mana destroy wq obj cleanup process in mana ib create qp rss is handled...

CVE-2026-46011

A flaw was found in the Linux kernel's MediaTek JPEG mtk-jpeg driver. This use-after-free vulnerability arises from a race condition where the driver frees memory while it may still be in use by a work queue. This can allow a local attacker to cause system instability, leading to a denial of...

CVE-2026-46084

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disable vPort RX steering in firmware. This leaves stale steering...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mtk-jpeg driver failing to cancel the work queue during the release process, potentially...

PT-2026-43723

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The ib uverbs post send function uses the wqe size variable from userspace without validation before passing it to kmalloc. If a small value is provided for wqe size, the system may...

CVE-2026-45856

RDMA/uverbs: Validate wqesize before using it in ibuverbspostsend...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/rxe: Returns a CQE error if an invalid lkey is provided. In RXE, there is a lack of update of the WQE status in cases of LOCALwrite failures. This caused the following kernel panic if someone performed an atomic operation...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: A memory leak was fixed when flushing the reset work queue...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: writeback: Fixed the use of “free” after processing in inodeswitchwbsworkfn. The function inodeswitchwbsworkfn has a loop like this: c wbgetnewwb; while 1 list = llistdelall&newwb-switchwbsctxs; / Nothing to do? / if !list break;...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: API – Use a work queue in cryptoDestroyInstance. The function cryptoDropSpawn is expected to be called from the process context. However, when an instance is not registered while it still has active users, the last user m...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: io-wq: Check for wq exit after adding a new worker taskwork. We check the IOWQBITEXIT flag before attempting to create a new worker. The wq exit cancels any pending tasks if there are any. However, it’s possible for a race...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: Reverted “scsi: fcoe: Fix potential deadlock on &fip-ctlrlock”. This reversion involves commit 1a1975551943f681772720f639ff42fbaa746212. This commit caused interrupts for FCoE devices to be lost, as it changed the sping loc...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed an issue where incomplete state saving occurred in rxerequester. If a send packet is dropped by the IP layer in rxerequester, the call to rxexmitpacket may fail with an error code -EAGAIN. To recover, the state of...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Deferred sub-object cleanup in export put callbacks The svcexportput function calls pathput and authdomainput immediately when the last reference is dropped, before the RCU grace period. RCU readers in eshow and cshow...