CVE-2025-71096

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LSNLATYPEDGID correctly The netlink response for RDMANLLSOPIPRESOLVE should always have a LSNLATYPEDGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...

CVE-2022-50138 RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()

In the Linux kernel, the following vulnerability has been resolved: RDMA/qedr: Fix potential memory leak in qedrallocmr qedrallocmr allocates a memory chunk for "mr-info.pbltable" with initmrinfo. When rdmaalloctid and rdmaregistertid fail, "mr" is released while "mr-info.pbltable" is not release...

CVE-2022-50136 RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IWCMEVENTCONNECTREPLY event If siwrecvmparr returns -EAGAIN, it means that the MPA reply hasn't been received completely, and should not report IWCMEVENTCONNECTREPLY in this case. This may trigge...

CVE-2022-50129 RDMA/srpt: Fix a use-after-free

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Fix a use-after-free Change the LIO port members inside struct srptport from regular members into pointers. Allocate the LIO port data structures from inside srptmaketport and free these from inside srptmaketport. Keep...

CVE-2025-38022

The CVE-2025-38022 issue resides in the Linux kernel RDMA/core where KASAN reports a slab-use-after-free Read in ib_register_device. Root cause: ib_device_rename() renames the device name under a lock while kobject_uevent() accesses the name without lock protection, leading to a race. The fix is ...

CVE-2022-49929

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr leak in RESPSTERRRNR rxerecheckmr will increase mr's refcnt, so we should call rxeputmr to drop mr's refcnt in RESPSTERRRNR to avoid below warning: WARNING: CPU: 0 PID: 4156 at...

CVE-2022-49929 RDMA/rxe: Fix mr leak in RESPST_ERR_RNR

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr leak in RESPSTERRRNR rxerecheckmr will increase mr's refcnt, so we should call rxeputmr to drop mr's refcnt in RESPSTERRRNR to avoid below warning: WARNING: CPU: 0 PID: 4156 at...

CVE-2025-21805 RDMA/rtrs: Add missing deinit() call

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Add missing deinit call A warning is triggered when repeatedly connecting and disconnecting the rnbd: listadd corruption. prev-next should be next ffff88800b13e480, but was ffff88801ecd1338. prev=ffff88801ecd1340...

CVE-2022-49208

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Prevent some integer underflows My static checker complains that: drivers/infiniband/hw/irdma/ctrl.c:3605 irdmascceqinit warn: can subtract underflow 'info-dev-hmcfpmmisc.maxceqs'? It appears that...

CVE-2024-57795

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Remove the direct link to netdevice The similar patch in siw is in the link: https://git.kernel.org/rdma/rdma/c/16b87037b48889 This problem also occurred in RXE. The following analyze this problem. In the following Call...

CVE-2024-57795 RDMA/rxe: Remove the direct link to net_device

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Remove the direct link to netdevice The similar patch in siw is in the link: https://git.kernel.org/rdma/rdma/c/16b87037b48889 This problem also occurred in RXE. The following analyze this problem. In the following Call...

CVE-2024-26907

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------ cut here ------------ memcpy: detected field-spanning write size 56 of single field "eseg-inlinehdr.start" at...

CVE-2024-26907 RDMA/mlx5: Fix fortify source warning while accessing Eth segment

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------ cut here ------------ memcpy: detected field-spanning write size 56 of single field "eseg-inlinehdr.start" at...

CVE-2023-2176

A vulnerability was found in comparenetdevandip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege...