5.5

CVE-2026-46127

RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp()

In the Linux kernel, the following vulnerability has been resolved:

RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp()

Sashiko points out that pd->uctx isn't initialized until late in the
function so all these error flow references are NULL and will crash. Use
the uctx that isn't NULL.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.5 < 5.10.258
LinuxLinux Kernel Version >= 5.11 < 5.15.209
LinuxLinux Kernel Version >= 5.16 < 6.1.175
LinuxLinux Kernel Version >= 6.2 < 6.6.140
LinuxLinux Kernel Version >= 6.7 < 6.12.88
LinuxLinux Kernel Version >= 6.13 < 6.18.30
LinuxLinux Kernel Version >= 6.19 < 7.0.7
LinuxLinux Kernel Version7.1 Updaterc1
LinuxLinux Kernel Version7.1 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.028
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/e01a957561f663d3b68d2fd233a4502e3367efcd
Patch
https://git.kernel.org/stable/c/75fc130664ae324e7b2f9ad3630e0f175e9ca6c8
Patch
https://git.kernel.org/stable/c/8832626a483439e207734e027afff322ccdf726e
Patch
https://git.kernel.org/stable/c/ec44c00a4fe1327efa35083f98b39c01cb535a51
Patch
https://git.kernel.org/stable/c/34fbf48cf3b410d2a6e8c586fa952a36331ca5ba
Patch
https://git.kernel.org/stable/c/27b6eb1f27fda9bdd5cae028e396758cdf525845
Patch
https://git.kernel.org/stable/c/443c991fbc954cc9363e963c09f404b9f281f3a2
Patch
https://git.kernel.org/stable/c/b610f33c5523fe26f6dd897667fff9c7a1de5905
Patch