CVE-2026-52908
Analyzed Analyzed - Analysis Complete

RDMA Memory Re-Evaluation Vulnerability in Linux Kernel

Vulnerability report for CVE-2026-52908, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-19

Last updated on: 2026-07-08

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA: During rereg_mr ensure that REREG_ACCESS is compatible If IB_MR_REREG_ACCESS changes from RO to RW then the umem has to be re-evaluated to ensure it is properly pinned as RW. Since the umem is hidden inside each driver's mr struct add a ib_umem_check_rereg() function that each driver has to call before processing IB_MR_REREG_ACCESS. mlx4 has to retain its duplicate ib_access_writable check because it implements IB_MR_REREG_ACCESS | IB_MR_REREG_TRANS by changing both items in place sequentially while the MR is live, so it will continue to not support this combination.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-19
Last Modified
2026-07-08
Generated
2026-07-11
AI Q&A
2026-06-19
EPSS Evaluated
2026-07-09
NVD
EUVD

Affected Vendors & Products

Showing 11 associated CPEs
Vendor Product Version / Range
linux linux_kernel 7.1
linux linux_kernel 7.1
linux linux_kernel 7.1
linux linux_kernel 7.1
linux linux_kernel From 6.2 (inc) to 6.6.143 (exc)
linux linux_kernel From 6.13 (inc) to 6.18.36 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.94 (exc)
linux linux_kernel From 6.19 (inc) to 7.0.13 (exc)
linux linux_kernel 7.1
linux linux_kernel 7.1
linux linux_kernel 7.1

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is related to the Linux kernel's RDMA (Remote Direct Memory Access) subsystem, specifically during the reregistration of memory regions (rereg_mr). The issue arises when the access permissions for a memory region change from read-only (RO) to read-write (RW). In such cases, the underlying user memory (umem) must be re-evaluated to ensure it is properly pinned with the new RW permissions. Because the umem is encapsulated within each driver's memory region structure, a new function called ib_umem_check_rereg() was introduced for drivers to call before processing the access change. Additionally, the mlx4 driver has a special case where it retains a duplicate writable access check due to how it handles certain access and transaction flags sequentially while the memory region is active.

Impact Analysis

If this vulnerability is not addressed, changing memory region access from read-only to read-write without proper re-evaluation could lead to improper memory pinning. This might cause unauthorized memory access or corruption, potentially leading to system instability, data integrity issues, or security breaches in environments using RDMA features.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-52908. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart