7.8

CVE-2026-46112

RDMA/hns: Fix unlocked call to hns_roce_qp_remove()

In the Linux kernel, the following vulnerability has been resolved:

RDMA/hns: Fix unlocked call to hns_roce_qp_remove()

Sashiko points out that hns_roce_qp_remove() requires the caller to hold
locks.  The error flow in hns_roce_create_qp_common() doesn't hold those
locks for the error unwind so it risks corrupting memory.

Grab the same locks the other two callers use.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.17 < 5.15.209
LinuxLinux Kernel Version >= 5.16 < 6.1.175
LinuxLinux Kernel Version >= 6.2 < 6.6.140
LinuxLinux Kernel Version >= 6.7 < 6.12.88
LinuxLinux Kernel Version >= 6.13 < 6.18.30
LinuxLinux Kernel Version >= 6.19 < 7.0.7
LinuxLinux Kernel Version7.1 Updaterc1
LinuxLinux Kernel Version7.1 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.1% 0.01
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

https://git.kernel.org/stable/c/fb4ae739811d467409bd07d0e36cfd4140f3d26a
Patch
https://git.kernel.org/stable/c/fcf6a832c0d5b2bc5398d6996c5570d3ee7993fb
Patch
https://git.kernel.org/stable/c/1912f78798505dc9c637081bbddfbf1c22494c49
Patch
https://git.kernel.org/stable/c/615d9d260c32bb678504ca96f29ae46f9d745155
Patch
https://git.kernel.org/stable/c/0c99acbc8b6c6dd526ae475a48ee1897b61072fb
Patch
https://git.kernel.org/stable/c/1f0a3aa8b569d010316b427238222c5d899f9618
Patch
https://git.kernel.org/stable/c/b6296ff2475fc95ee6ea1b528c4b385302808186
Patch