CVE-2026-43120

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A double free issue exists in the RDMA/irdma component. When IB MR REREG TRANS is set during rereg user mr, the system releases the current umem and allocates a new one via irdma rereg mr trans. If a failure occurs after the new umem allocation, the system releases the umem but fails to set the region variable in iwmr to NULL. Consequently, when a user calls ibv dereg mr to handle the failure, the deregistration path detects a non-NULL umem and attempts to call ib umem release a second time.

Recommendations Set iwmr->region to NULL after calling ib umem release to prevent the double free.