kernel: RDMA/mana: Validate rx_hash_key_len

A flaw was found in the Linux kernel's RDMA/mana component. A local user could exploit this vulnerability by providing an invalid rxhashkeylen value through a user-space API uAPI structure. This invalid value is then used in a memcpy operation without proper bounds checking, allowing the user to...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Linux Distros Unpatched Vulnerability : CVE-2026-46145

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mana: Validate rxhashkeylen Sashiko points out that rxhashkeylen comes from a uAPI structure and is blindly passed to memcpy, allowing the userspace to tra...

SUSE CVE-2026-46117

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

SUSE CVE-2026-46145

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Validate rxhashkeylen Sashiko points out that rxhashkeylen comes from a uAPI structure and is blindly passed to memcpy, allowing the userspace to trash kernel memory. Bounds check it so the memcpy cannot overflow...

Linux Distros Unpatched Vulnerability : CVE-2026-46117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and th...

CVE-2026-46145

A flaw was found in the Linux kernel's RDMA/mana component. A local user could exploit this vulnerability by providing an invalid rxhashkeylen value through a user-space API uAPI structure. This invalid value is then used in a memcpy operation without proper bounds checking, allowing the user to...

CVE-2026-46117

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

UBUNTU-CVE-2026-46117

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

UBUNTU-CVE-2026-46144

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in manaibcreateqprss Sashiko points out that manaibcfgvportsteering is leaked, the normal destroy path cleans it up...

CVE-2026-46145

The CVE-2026-46145 vulnerability affects the Linux kernel, specifically the RDMA/mana component. A user-supplied rx_hash_key_len value supplied via a uAPI structure is blindly passed to memcpy, enabling localized kernel memory corruption if bounds checks are not enforced. Reports from multiple so...

CVE-2026-46145

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Validate rxhashkeylen Sashiko points out that rxhashkeylen comes from a uAPI structure and is blindly passed to memcpy, allowing the userspace to trash kernel memory. Bounds check it so the memcpy cannot overflow...

CVE-2026-46144

The CVE-2026-46144 entry concerns the Linux kernel RDMA mana driver. A resource leak occurs during error unwind in mana_ib_create_qp_rss(), where mana_ib_cfg_vport_steering() is not properly cleaned up; this could cause resource exhaustion (DoS). The issue has been fixed in the kernel (patched), ...

EUVD-2026-32885

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix manadestroywqobj cleanup in manaibcreateqprss Sashiko points out there are two bugs here in the error unwind flow, both related to how the WQ table is unwound. First there is a double i-- on the first failure path...

CVE-2026-46126 RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss()

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix manadestroywqobj cleanup in manaibcreateqprss Sashiko points out there are two bugs here in the error unwind flow, both related to how the WQ table is unwound. First there is a double i-- on the first failure path...

CVE-2026-46117 RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

PT-2026-44240

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A flaw exists in the RDMA mana component where a user can specify Work Queues WQs sharing the same Completion Queue CQ as part of the user API. This action triggers a WARN ON condition with...

PT-2026-44268

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the RDMA/mana component where the rx hash key len variable, which originates from a uAPI structure, is passed to the memcpy function without proper validation. This lack ...

CVE-2026-46084

RDMA/manaib: Disable RX steering on RSS QP destroy...

SUSE CVE-2024-38542

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: boundary check before installing cq callbacks Add a boundary check inside manaibinstallcqcb to prevent index overflow...