CVE-2026-43120
Double Free in Linux Kernel RDMA/irdma Driver
Publication date: 2026-05-06
Last updated on: 2026-05-06
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux_kernel | linux_kernel | * |
| linux_kernel | linux_kernel | to 5ac388db27c4 (inc) |
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's RDMA/irdma component related to memory region re-registration (rereg_user_mr). When a specific flag (IB_MR_REREG_TRANS) is set during the re-registration process, the system releases a memory region (umem) and allocates a new one. If an error occurs after the new memory is allocated, the system releases the new memory but fails to clear the reference to it (iwmr->region is not set to NULL). This causes a double free error because the user, upon receiving the failure, will call a deregistration function (ibv_dereg_mr) which attempts to release the memory again, leading to potential memory corruption or crashes.
How can this vulnerability impact me? :
This vulnerability can lead to a double free condition in the Linux kernel's RDMA subsystem. Such a double free can cause memory corruption, system instability, crashes, or potentially allow an attacker to execute arbitrary code or cause a denial of service by exploiting the improper memory management.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed in the Linux kernel by correcting the double free issue in the RDMA/irdma subsystem. To mitigate this vulnerability, you should update your Linux kernel to a version that includes the fix identified by commit 5ac388db27c4.
No other immediate mitigation steps or workarounds are provided.