CVE-2026-46117
RDMA/mana QP Creation Failure Due to Invalid WQ and CQ Configuration
Publication date: 2026-05-28
Last updated on: 2026-05-28
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
How can this vulnerability impact me?
This vulnerability can lead to kernel corruption if exploited, which may cause system instability, crashes, or potentially allow an attacker to execute arbitrary code with kernel privileges.
Since it involves the kernel, the impact could be severe, affecting the overall security and reliability of the affected Linux system.
Can you explain this vulnerability to me?
This vulnerability exists in the Linux kernel's RDMA/mana component. A user can trigger a WARN_ON() condition in the mana_ib_create_qp_rss() function by specifying, through the user API (uAPI), Work Queues (WQs) that share the same Completion Queue (CQ). Triggering this WARN_ON() leads to kernel corruption.
The issue was resolved by rejecting such requests outright and failing the creation of the Queue Pair (QP) to prevent kernel corruption.
What immediate steps should I take to mitigate this vulnerability?
The Linux kernel has been updated to reject user requests that trigger the WARN_ON() condition in mana_ib_create_qp_rss(), failing the QP creation outright.
Therefore, the immediate step is to update your Linux kernel to a version that includes this fix.