7.8

CVE-2026-46053

net: rds: fix MR cleanup on copy error

In the Linux kernel, the following vulnerability has been resolved:

net: rds: fix MR cleanup on copy error

__rds_rdma_map() hands sg/pages ownership to the transport after
get_mr() succeeds. If copying the generated cookie back to user space
fails after that point, the error path must not free those resources
again before dropping the MR reference.

Remove the duplicate unpin/free from the put_user() failure branch so
that MR teardown is handled only through the existing final cleanup
path.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.6.1 < 5.10.258
LinuxLinux Kernel Version >= 5.11 < 5.15.209
LinuxLinux Kernel Version >= 5.16 < 6.1.175
LinuxLinux Kernel Version >= 6.2 < 6.6.140
LinuxLinux Kernel Version >= 6.7 < 6.12.86
LinuxLinux Kernel Version >= 6.13 < 6.18.27
LinuxLinux Kernel Version >= 6.19 < 7.0.4
LinuxLinux Kernel Version5.6 Update-
LinuxLinux Kernel Version5.6 Updaterc3
LinuxLinux Kernel Version5.6 Updaterc4
LinuxLinux Kernel Version5.6 Updaterc5
LinuxLinux Kernel Version5.6 Updaterc6
LinuxLinux Kernel Version5.6 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.028
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/8fdbb6262a4a3ed44a0830a7793903b54bb27bdc
Patch
https://git.kernel.org/stable/c/d95cea9298be1ba8876e3f156be96d3a492085ca
Patch
https://git.kernel.org/stable/c/033370ffb3c9c0264d19f8ba9ef769523266589a
Patch
https://git.kernel.org/stable/c/b3cb8cae530b2727d8245684148bb49425f6765c
Patch
https://git.kernel.org/stable/c/8141a2dc70080eda1aedc0389ed2db2b292af5bd
Patch
https://git.kernel.org/stable/c/106dc689206610cfa2098f593fdd1e020c997835
Patch
https://git.kernel.org/stable/c/91a44b406bc1f9e1c5da0cb7d0d5991b43b79147
Patch
https://git.kernel.org/stable/c/ec55a86f7fba7d9111df94b9c11a4755ed492995
Patch