Lucene search
K

120 matches found

RedHat Linux
RedHat Linux
added 2026/06/25 11:21 p.m.6 views

kernel: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()

A flaw was found in the Linux kernel's RDMA/mana component. A local user could trigger a kernel corruption by providing specific configurations through the user Application Programming Interface uAPI that cause an internal error. This issue arises when Work Queues WQs are specified to share the...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 8:39 a.m.4 views

EUVD-2026-39282

In the Linux kernel, the following vulnerability has been resolved: iouring/net: inherit IORINGCQEFBUFMORE across bundle recv retries When a bundle recv retries inside iorecvfinish, the merge logic OR the saved cflags from the previous iteration with the cflags returned by the new iteration: cfla...

6AI score0.00138EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 8:39 a.m.18 views

CVE-2026-53191

CVE-2026-53191 affects the Linux kernel io_uring/net path. In bundle recv retries (with incremental mode and provided buffer rings IOU_PBUF_RING_INC), a memory handling bug caused IORING_CQE_F_BUF_MORE to be dropped during flag merge, allowing the kernel to leave a stale BUF_MORE in carried flags...

7.8CVSS6AI score0.00138EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/22 10:59 a.m.4 views

kernel: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()

A flaw was found in the Linux kernel's RDMA/mana component. A local user could trigger a kernel corruption by providing specific configurations through the user Application Programming Interface uAPI that cause an internal error. This issue arises when Work Queues WQs are specified to share the...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.13 views

SUSE CVE-2026-46117

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/05/28 6:27 p.m.15 views

CVE-2026-46117

A flaw was found in the Linux kernel's RDMA/mana component. A local user could trigger a kernel corruption by providing specific configurations through the user Application Programming Interface uAPI that cause an internal error. This issue arises when Work Queues WQs are specified to share the...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
NVD
NVD
added 2026/05/28 10:16 a.m.10 views

CVE-2026-46117

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

7.8CVSS0.00129EPSS
Exploits0References9
OSV
OSV
added 2026/05/28 10:16 a.m.8 views

UBUNTU-CVE-2026-46117

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References7
CVE
CVE
added 2026/05/28 9:35 a.m.30 views

CVE-2026-46126

CVE-2026-46126 affects the Linux kernel RDMA/mana component. The issue stems from the error unwind flow in mana_ib_create_qp_rss() cleanup of the Work Queue (WQ) table, leading to improper resource cleanup. Reports identify two bugs: (1) a double i-- in the first failure path of the unwinding loo...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/28 9:35 a.m.30 views

CVE-2026-46117 RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

7.8CVSS0.00129EPSS
Exploits0References4
CVE
CVE
added 2026/05/28 9:35 a.m.45 views

CVE-2026-46117

CVE-2026-46117 affects the Linux kernel RDMA/mana component. The issue arises when a user can configure Work Queues to share the same Completion Queue via the uAPI, which triggers a user-writable WARN_ON() and can lead to kernel corruption. The vulnerability has been resolved by removing the trig...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/05/27 12:58 p.m.14 views

EUVD-2026-32467

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disable vPort RX steering in firmware. This leaves stale steering...

5.7AI score0.00129EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.24 views

PT-2026-43951

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the RDMA mana ib component where the mana ib destroy qp rss function destroys RX WQ objects without disabling vPort RX steering in the firmware. This results in stale...

7.8CVSS5.8AI score0.00129EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fixed a issue where a “use-after-free” condition could occur during an interrupt. During a destroy CQ operation, an interrupt may cause the processing of a CQE to occur after the resources managed by irdmacqfreersrc...

7.8CVSS6AI score0.00213EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: mana: The use-after-free issue in manahwcdestroychannel has been fixed by reordering the teardown process. There is a potential race condition in manahwcdestroychannel. In this situation, hwc-callerctx is freed before the...

7CVSS4.7AI score0.00118EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: A boundary check was added before installing cq callbacks. A boundary check has been added inside manaibinstallcqcb to prevent index overflow...

7.1CVSS5.6AI score0.00246EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/rxe: Returns a CQE error if an invalid lkey is provided. In RXE, there is a lack of update of the WQE status in cases of LOCALwrite failures. This caused the following kernel panic if someone performed an atomic operation...

5.5CVSS6.4AI score0.00228EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fixed the issue where immediate work requests were flushed to the completion queue incorrectly. The opcode of the send queue element was set correctly during the flushing of immediate work requests in the post-sendqueue...

5.9AI score0.00206EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: mana: Fixed error handling for TX CQE messages. For an unknown type of TX CQE error likely due to newer hardware, still free the SKB, update the queue tail, etc. Otherwise, the accounting data will be incorrect...

5.5CVSS6AI score0.0023EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/08 2:22 p.m.8 views

CVE-2026-43466

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery In case of a TX error CQE, a recovery flow is triggered, mlx5eresettxqsqccpc resets dmafifocc to 0 but not dmafifopc, desyncing the DMA FIFO producer and consumer. After...

8.2CVSS5.7AI score0.00329EPSS
Exploits0
Rows per page
Query Builder