Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2026-53355

Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
01/07/2026
Última modificación:
01/07/2026

Descripción

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: rds: clear i_sends on setup unwind<br /> <br /> The RDS IB connection teardown path is written so it can run during<br /> partial startup and on repeated shutdown attempts. It uses NULL<br /> pointers to distinguish resources that are still owned from resources<br /> that have already been released.<br /> <br /> When rds_ib_setup_qp() fails after allocating i_sends but before<br /> allocating i_recvs, the sends_out path frees i_sends without clearing<br /> the pointer. A later shutdown pass can still treat that stale pointer<br /> as a live send ring allocation.<br /> <br /> Clear i_sends after vfree() in the error unwind path so the existing<br /> shutdown logic continues to use the correct ownership state.

Impacto