CVE-2026-46181

In the Linux kernel, the following vulnerability has been resolved:

RDMA/mlx4: Fix mis-use of RCU in mlx4 srq event()

Sashiko points out the radix tree itself is RCU safe, but nothing ever frees the mlx4 srq struct with RCU, and it isn't even accessed within the RCU critical section. It also will crash if an event is delivered before the srq object is finished initializing.

Use the spinlock since it isn't easy to make RCU work, use refcount inc not zero() to protect against partially initialized objects, and order the refcount set() to be after the srq is fully initialized.