CVE-2026-46126

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss()<br /> <br /> Sashiko points out there are two bugs here in the error unwind flow, both<br /> related to how the WQ table is unwound.<br /> <br /> First there is a double i-- on the first failure path due to the while loop<br /> having a i--, remove it.<br /> <br /> Second if mana_ib_install_cq_cb() fails then mana_create_wq_obj() is not<br /> undone due to the above i--.