CVE Catalog

CVE-2026-46053

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.13%

3th percentile - higher than 3% of all known CVEs

Summary

A vulnerability in the Linux kernel related to improper resource management in the __rds_rdma_map() function has been fixed. The issue occurred when copying the generated cookie back to user space failed, which could lead to improper resource freeing.

Risk Assessment

This vulnerability may lead to memory leaks or improper resource management, potentially affecting system stability and the security of applications running on the Linux kernel.

Recommendation

It is recommended to update the Linux kernel to the latest version to eliminate this vulnerability and ensure proper resource management.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: net: rds: fix MR cleanup on copy error __rds_rdma_map() hands sg/pages ownership to the transport after get_mr() succeeds. If copying the generated cookie back to user space fails after that point, the error path must not free those resources again before dropping the MR reference. Remove the duplicate unpin/free from the put_user() failure branch so that MR teardown is handled only through the existing final cleanup path.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS