CVE-2026-31493

EPSS 0.01%
Veröffentlicht 22.04.2026 14:16:47
Zuletzt bearbeitet 28.04.2026 14:45:56
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

RDMA/efa: Fix use of completion ctx after free

In the Linux kernel, the following vulnerability has been resolved:

RDMA/efa: Fix use of completion ctx after free

On admin queue completion handling, if the admin command completed with
error we print data from the completion context. The issue is that we
already freed the completion context in polling/interrupts handler which
means we print data from context in an unknown state (it might be
already used again).
Change the admin submission flow so alloc/dealloc of the context will be
symmetric and dealloc will be called after any potential use of the
context.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

NVD 10 VulnDex Vulnerability Enrichment 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.12.1 < 6.18.21

Linux ≫ Linux Kernel Version >= 6.19 < 6.19.11

Linux ≫ Linux Kernel Version5.12 Update-

Linux ≫ Linux Kernel Version7.0 Updaterc1

Linux ≫ Linux Kernel Version7.0 Updaterc2

Linux ≫ Linux Kernel Version7.0 Updaterc3

Linux ≫ Linux Kernel Version7.0 Updaterc4

Linux ≫ Linux Kernel Version7.0 Updaterc5

Linux ≫ Linux Kernel Version7.0 Updaterc6

Linux ≫ Linux Kernel Version7.0 Updaterc7

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.022

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/0dd98aea1c0c45987fa2dd92f988b0eb1a72c125

Patch

https://git.kernel.org/stable/c/1cf95fe5dc5471efea947b4c6f8913da6bc7976e

Patch

https://git.kernel.org/stable/c/ef3b06742c8a201d0e83edc9a33a89a4fe3009f8

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-31493

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-31493

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-31493

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-31493