CVE-2026-46265

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix WQMEMRECLAIM warning When sunrpc is used, if a reset triggered, our wq may lead the following trace: workqueue: WQMEMRECLAIM xprtiod:xprtrdmaconnectworker rpcrdma is flushing !WQMEMRECLAIM...

PT-2026-46028

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix WQ MEM RECLAIM warning When sunrpc is used, if a reset triggered, our wq may lead the following trace: workqueue: WQ MEM RECLAIM xprtiod:xprt rdma connect worker rpcrdma is flushing !WQ MEM RECLAIM hns roce irq...

CVE-2026-46133

A flaw was found in the Linux kernel's Soft RoCE RDMA/rxe driver. An unauthenticated remote attacker can send a specially crafted UDP packet with an unknown opcode to trigger an out-of-bounds read. This vulnerability can lead to a kernel panic, effectively causing a Denial of Service DoS on the...

CVE-2026-46112

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix unlocked call to hnsroceqpremove Sashiko points out that hnsroceqpremove requires the caller to hold locks. The error flow in hnsrocecreateqpcommon doesn't hold those locks for the error unwind so it risks corruptin...

UBUNTU-CVE-2026-46112

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix unlocked call to hnsroceqpremove Sashiko points out that hnsroceqpremove requires the caller to hold locks. The error flow in hnsrocecreateqpcommon doesn't hold those locks for the error unwind so it risks corruptin...

EUVD-2026-32871

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix unlocked call to hnsroceqpremove Sashiko points out that hnsroceqpremove requires the caller to hold locks. The error flow in hnsrocecreateqpcommon doesn't hold those locks for the error unwind so it risks corruptin...

CVE-2026-46112

CVE-2026-46112 relates to the Linux kernel RDMA/hns driver. The vulnerability arises from an unlocked call to hns_roce_qp_remove() during error unwinding in hns_roce_create_qp_common(), where the caller did not hold the required locks, risking memory corruption. The fixes synchronize by grabbing ...

PT-2026-44235

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix unlocked call to hns roce qp remove Sashiko points out that hns roce qp remove requires the caller to hold locks. The error flow in hns roce create qp common doesn't hold those locks for the error unwind so it risks...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: A memory leak has been fixed in hnsroceallocmr. When hnsrocemrenable fails in hnsroceallocmr, mrkey is not released. This issue only affects compiled tests...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix sleep from invalid context BUG Taking the qosmutex to process RoCEv2 QP's on netdev events causes a kernel splat. Fix this by removing the handling for RoCEv2 in irdmacmteardownconnections that uses the mutex. Thi...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: A NULL pointer dereference issue was fixed in hnsrocemapmrsg. The function ibmapmrsg allows ULPs to specify NULL as the sgoffset argument. The driver needs to check whether the argument is a NULL pointer before...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Added a check for a valid ‘madagent’ pointer. When unregistering an MAD agent, the srpt module performs a non-null check on the ‘madagent’ pointer before invoking ibunregistermadagent. This check can fail if the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed the null-ptr-deref issue in ibcorecleanup. KASAN reported a null-ptr-deref error: KASAN: Null pointer dereferencing in the range 0x0000000000000118–0x000000000000011f. CPU: 1; PID: 379. Hardware name: QEMU Standa...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash problem in concurrent scenario When link status change, the nic driver need to notify the roce driver to handle this event, but at this time, the roce driver may uninit, then cause kernel crash. To fix...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix double invocation of bnxtulpstop/bnxtulpstart Before the commit under the Fixes tag below, bnxtulpstop and bnxtulpstart were always invoked in pairs. After that commit, the new bnxtulprestart can be invoked after...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hns: Fixed a soft lockup that occurred during the loop that allocates BT pages. The driver executes a for-loop when allocating BT pages and mapping them with buffer pages. When a large buffer e.g., an MR of over 100GB is...

kernel: smc: Fix use-after-free in __pnet_find_base_ndev()

In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in pnetfindbasendev. syzbot reported use-after-free of netdevice in pnetfindbasendev, which was called during connect. 0 smcpnetfindismresource fetches skdstgetsk-dev and passes down to pnetfindbasendev,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013674)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013674 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: fix memory leak in hnsroceallocmr When hnsrocemrenable failed in hnsroceallocmr, mrkey ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011191)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011191 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: fix memory leak in hnsroceallocmr When hnsrocemrenable failed in hnsroceallocmr, mrkey ...

kernel: smc: Fix use-after-free in __pnet_find_base_ndev()

In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in pnetfindbasendev. syzbot reported use-after-free of netdevice in pnetfindbasendev, which was called during connect. 0 smcpnetfindismresource fetches skdstgetsk-dev and passes down to pnetfindbasendev,...