CVE-2026-46126
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/05/2026
Last modified:
24/06/2026
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss()<br />
<br />
Sashiko points out there are two bugs here in the error unwind flow, both<br />
related to how the WQ table is unwound.<br />
<br />
First there is a double i-- on the first failure path due to the while loop<br />
having a i--, remove it.<br />
<br />
Second if mana_ib_install_cq_cb() fails then mana_create_wq_obj() is not<br />
undone due to the above i--.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.8 (including) | 6.12.88 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (including) | 6.18.30 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (including) | 7.0.7 (excluding) |
| cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page



