7.8

CVE-2026-46181

RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()

In the Linux kernel, the following vulnerability has been resolved:

RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()

Sashiko points out the radix_tree itself is RCU safe, but nothing ever
frees the mlx4_srq struct with RCU, and it isn't even accessed within the
RCU critical section. It also will crash if an event is delivered before
the srq object is finished initializing.

Use the spinlock since it isn't easy to make RCU work, use
refcount_inc_not_zero() to protect against partially initialized objects,
and order the refcount_set() to be after the srq is fully initialized.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.9 < 6.18.30
LinuxLinux Kernel Version >= 6.19 < 7.0.7
LinuxLinux Kernel Version7.1 Updaterc1
LinuxLinux Kernel Version7.1 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.11% 0.017
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0b0ca135-0b70-47e7-9f44-1890c2a1c46c 7 1 5.9
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-366 Race Condition within a Thread

If two threads of execution use a resource simultaneously, there exists the possibility that resources may be used while invalid, in turn making the state of execution undefined.

https://git.kernel.org/stable/c/1e2a44875b6afb4add1115f7f3351dcbeb6f273d
Patch
https://git.kernel.org/stable/c/8b7833f3bce35cb0d01c1503781523c099c675f0
Patch
https://git.kernel.org/stable/c/c9341307ea16b9395c2e4c9c94d8499d91fe31d0
Patch
https://bugzilla.redhat.com/show_bug.cgi?id=2482532
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46181.json
https://access.redhat.com/errata/RHSA-2026:25217
https://access.redhat.com/errata/RHSA-2026:25120
https://access.redhat.com/errata/RHSA-2026:25121
https://access.redhat.com/errata/RHSA-2026:34094
https://access.redhat.com/errata/RHSA-2026:34443
https://access.redhat.com/errata/RHSA-2026:35863
https://access.redhat.com/errata/RHSA-2026:35894
https://access.redhat.com/errata/RHSA-2026:35896
https://access.redhat.com/errata/RHSA-2026:33900
https://access.redhat.com/errata/RHSA-2026:34095
https://access.redhat.com/security/cve/CVE-2026-46181
https://access.redhat.com/errata/RHSA-2026:36216