CVE-2026-46112
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk3th percentile - higher than 3% of all known CVEs
Summary
A vulnerability has been identified in the Linux kernel related to the hns_roce_qp_remove() function, which requires the caller to hold locks. In the error flow of hns_roce_create_qp_common(), these locks are not held, risking memory corruption.
Risk Assessment
The lack of proper locks during the function call may lead to serious memory integrity issues, threatening system stability and data security.
Recommendation
It is recommended to update the Linux kernel to the latest version to mitigate this vulnerability and ensure proper lock management.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix unlocked call to hns_roce_qp_remove() Sashiko points out that hns_roce_qp_remove() requires the caller to hold locks. The error flow in hns_roce_create_qp_common() doesn't hold those locks for the error unwind so it risks corrupting memory. Grab the same locks the other two callers use.

