CVE Catalog

CVE-2026-31565

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.10%

1th percentile - higher than 1% of all known CVEs

Summary

A deadlock vulnerability was found in the Linux kernel's RDMA/irdma driver during netdev reset with active RDMA connections. The netdev reset triggers removal of the irdma auxiliary driver, causing a circular dependency where uverbs_client waits for QP reference count to reach zero while cma_client holds the final reference, leading to an indefinite wait in iWARP mode.

Risk Assessment

The deadlock prevents proper system operation during network interface reset, potentially causing RDMA application hangs and service unavailability.

Recommendation

Immediately update the Linux kernel to a version containing the fix that skips QP reference count wait during device reset.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix deadlock during netdev reset with active connections Resolve deadlock that occurs when user executes netdev reset while RDMA applications (e.g., rping) are active. The netdev reset causes ice driver to remove irdma auxiliary driver, triggering device_delete and subsequent client removal. During client removal, uverbs_client waits for QP reference count to reach zero while cma_client holds the final reference, creating circular dependency and indefinite wait in iWARP mode. Skip QP reference count wait during device reset to prevent deadlock.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS