PT-2026-37430 · Linux · Linux Kernel

Published

2026-05-06

·

Updated

2026-07-01

·

CVE-2026-43120

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A double free issue exists in the RDMA/irdma component. When IB MR REREG TRANS is set during rereg user mr, the system releases the current umem and allocates a new one via irdma rereg mr trans. If a failure occurs after the new umem allocation, the system releases the umem but fails to set the region variable in iwmr to NULL. Consequently, when a user calls ibv dereg mr to handle the failure, the deregistration path detects a non-NULL umem and attempts to call ib umem release a second time.
Recommendations Set iwmr->region to NULL after calling ib umem release to prevent the double free.

Fix

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-43120
SUSE-SU-2026:2195-1
SUSE-SU-2026:2238-1

Affected Products

Linux Kernel