EUVD-2026-32435

In the Linux kernel, the following vulnerability has been resolved: net: rds: fix MR cleanup on copy error rdsrdmamap hands sg/pages ownership to the transport after getmr succeeds. If copying the generated cookie back to user space fails after that point, the error path must not free those...

PT-2026-43920

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Reliable Datagram Sockets RDS implementation of the Linux kernel. In the rds rdma map function, memory region MR ownership of scatter-gather lists and pages is...

CVE-2026-46053

net: rds: fix MR cleanup on copy error...

Linux Distros Unpatched Vulnerability : CVE-2026-43502

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/rds: handle zerocopy send cleanup before the message is queued A zerocopy send can fail after user pages have been pinned but before the message is attached...

CVE-2026-43494

A flaw was found in the Linux kernel, specifically within the net/rds module. When a zerocopy page pin operation fails, a counter used for memory management opnents is not correctly reset. This can result in a double-free vulnerability, where the same memory is released twice. A local attacker...

CVE-2026-43494

In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails When iovitergetpages2 fails in rdsmessagezcopyfromuser, the pinned pages are released with putpage, and rm-data.opmmpznotifier is cleared. But we fail to properly clear...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect inference of the zero-copy status during the cleanup phase before messages are...

SUSE CVE-2026-43230

In the Linux kernel, the following vulnerability has been resolved: net/rds: Clear reconnect pending bit When canceling the reconnect worker, care must be taken to reset the reconnect-pending bit. If the reconnect worker has not yet been scheduled before it is canceled, the reconnect-pending bit...

PT-2026-37570

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the net/rds component where the reconnect-pending bit is not properly reset when canceling the reconnect worker. If the worker is canceled before it has been scheduled...

Linux Distros Unpatched Vulnerability : CVE-2026-43230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/rds: Clear reconnect pending bit When canceling the reconnect worker, care must be taken to reset the reconnect-pending bit. If the reconnect worker has not...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/rds: fixed the warning in rdsconnconnectifdown. If a connection is not established yet, getmr will fail, causing the connection to be initiated after getmr...

Linux Distros Unpatched Vulnerability : CVE-2026-23419

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/rds: Fix circular locking dependency in rdstcptune syzbot reported a circular locking dependency in rdstcptune where sknetrefcntupgrade is called while...

CVE-2026-23419

A flaw was found in the Linux kernel's net/rds module. This vulnerability involves a circular locking dependency within the rdstcptune function. The issue arises when the sknetrefcntupgrade function performs memory allocation while a socket lock is held, creating a deadlock with the fsreclaim loc...

UBUNTU-CVE-2026-23419

In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking dependency in rdstcptune syzbot reported a circular locking dependency in rdstcptune where sknetrefcntupgrade is called while holding the socket lock:...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003967)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003967 advisory. An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the rdsconncreate function in net/rds/connection.c in a certain combination of...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001966)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001966 advisory. net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989645)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989645 advisory. In the Linux kernel, the following vulnerability has been resolved: net/rds: fix possible cp null dereference cp might be null, calling cp-cpconn would produce null...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990193)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990193 advisory. In the Linux kernel, the following vulnerability has been resolved: net/rds: fix possible cp null dereference cp might be null, calling cp-cpconn would produce null...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-403454)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-403454 advisory. In the Linux kernel, the following vulnerability has been resolved: net/rds: fix WARNING in rdsconnconnectifdown If connection isn't established yet, getmr will fail...

Linux Distros Unpatched Vulnerability : CVE-2024-35902

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/rds: fix possible cp null dereference cp might be null, calling cp-cpconn would produce...