Zero Day MonitorZDM

← Back to list

7.8

CVE-2026-43120PATCHED

intel · linux kernel

RDMA/irdma: Fix double free related to rereg_user_mr

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix double free related to rereg_user_mr If IB_MR_REREG_TRANS is set during rereg_user_mr, the umem will be released and a new one will be allocated in irdma_rereg_mr_trans. If any step of irdma_rereg_mr_trans fails after the new umem is allocated, it releases the umem, but does not set iwmr->region to NULL. The problem is that this failure is propagated to the user, who will then call ibv_dereg_mr (as they should). Then, the dereg_mr path will see a non-NULL umem and attempt to call ib_umem_release again. Fix this by setting iwmr->region to NULL after ib_umem_release. Fixed: 5ac388db27c4 ("RDMA/irdma: Add support to re-register a memory region")

Affected Products

Vendor	Product	Versions
intel	linux kernel	715fdb3b30541cc8180b7cdc6aa9f8c307afdf25, 5ac388db27c443dadfbb0b8b23fa7ccf429d901a, 5ac388db27c443dadfbb0b8b23fa7ccf429d901a, 5ac388db27c443dadfbb0b8b23fa7ccf429d901a, 5ac388db27c443dadfbb0b8b23fa7ccf429d901a, 6.7

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
open source	open source linux kernel	cert_advisory	90%

References

Related News (3 articles)

Tier B

BSI Advisories6d ago

[NEU] [mittel] Linux Kernel: Mehrere Schwachstellen

→ No new info (linked only)

Tier C

VulDB6d ago

CVE-2026-43120 | Linux Kernel up to 6.6.135/6.12.82/6.18.23/6.19.13 rereg_user_mr double free

→ No new info (linked only)

Tier C

Linux Kernel CVEs6d ago

CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr

→ No new info (linked only)

CVSS 3.17.8 HIGH

VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

6.6.136

PublishedMay 6, 2026

Last enriched6d agov2

Tags

kernelvulnerabilitydouble free

Trending Score20

Source articles3

Independent3

Info Completeness7/14

Missing: cvss, epss, cwe, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

NONECVE-2025-35969

CVE-2025-35969: Uncontrolled search path for some Intel(R) Server Firmware Update Utility Software before version 16.0.12. within Ring 3

NONECVE-2025-35991

CVE-2025-35991: Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an informat

Multiple Vulnerabilities in Intel Software Products

HIGHCVE-2026-31779

wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler()

NONECVE-2026-31691

igb: remove napi_synchronize() in igb_down()

Pin to Dashboard

Verification

State: verified

Confidence: 0%

Vulnerability Timeline

CVE Published

May 6, 2026

Discovered by ZDM

May 6, 2026

Updated: description, affectedVersions, severity

May 6, 2026

Patch Available

May 8, 2026

Version History

v2

Last enriched 6d ago

v2Tier C6d ago

Updated description with critical severity, new affected versions, and corrected exploit availability.

descriptionaffectedVersionsseverity

via VulDB

v16d ago

Initial creation