Zero Day Monitor (ZDM)
7.8
CVE-2026-52908 · EXPLOITED · PATCHED
linux · linux kernel

RDMA: During rereg_mr ensure that REREG_ACCESS is compatible

Description

In the Linux kernel, the following vulnerability has been resolved:

RDMA: During rereg_mr ensure that REREG_ACCESS is compatible

If IB_MR_REREG_ACCESS changes from RO to RW then the umem has to be re-evaluated to ensure it is properly pinned as RW. Since the umem is hidden inside each driver's mr struct add a ib_umem_check_rereg() function that each driver has to call before processing IB_MR_REREG_ACCESS.

mlx4 has to retain its duplicate ib_access_writable check because it implements IB_MR_REREG_ACCESS | IB_MR_REREG_TRANS by changing both items in place sequentially while the MR is live, so it will continue to not support this combination.

Affected Products

Vendor | Product | Versions
linux | linux kernel | b40656aa7d559adc1fe689396dc58b92a9a27286, b40656aa7d559adc1fe689396dc58b92a9a27286, b40656aa7d559adc1fe689396dc58b92a9a27286, b40656aa7d559adc1fe689396dc58b92a9a27286, b40656aa7d559adc1fe689396dc58b92a9a27286, 6.2

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor | Product | Source | Confidence
linux | linux | mitre_affected | 90%
open source | open source linux kernel | cert_advisory | 90%

References

  • https://git.kernel.org/stable/c/09dc18894148381d3bfc550083b1236043870dce
  • https://git.kernel.org/stable/c/eba5df21eda0fe7418efbea2f799f8ea1b8ca94c
  • https://git.kernel.org/stable/c/2904e985a2917b5dac65df82733065e78a65fc9d
  • https://git.kernel.org/stable/c/50334a05a950840b39a1ce3d2a173b4183db9b3e
  • https://git.kernel.org/stable/c/badad6fad60def1b9805559dd81dbab3d97b82aa

Related News (5 articles)

Tier A
Microsoft MSRC · 3h ago
CVE-2026-52908 RDMA: During rereg_mr ensure that REREG_ACCESS is compatible
→ No new info (linked only)
Tier B
BSI Advisories · 6d ago
[NEW] [medium] Linux Kernel: Multiple vulnerabilities allow unspecified attack
→ No new info (linked only)
Tier C
VulDB · 9d ago
CVE-2026-52908 | Linux Kernel up to 6.6.142/6.12.93/6.18.35/7.0.12 RDMA ib_umem_check_rereg privilege escalation
→ No new info (linked only)
Tier C
Linux Kernel CVEs · 9d ago
CVE-2026-52908: RDMA: During rereg_mr ensure that REREG_ACCESS is compatible
→ No new info (linked only)
Tier C
Linux Kernel CVEs · 9d ago
CVE-2026-52908: RDMA: During rereg_mr ensure that REREG_ACCESS is compatible
→ No new info (linked only)
CVSS 3.1: 7.8 HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA KEV: ❌ No
Actively exploited: ✅ Yes
Patch available: 09dc18894148381d3bfc550083b1236043870dce
Published: Jun 19, 2026
Last enriched: 9d ago (v4)
Trending Score: 66
Source articles: 5
Independent: 4
Info Completeness: 8/14
Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Related CVEs (5)

HIGH · CVE-2026-31431 · EXP · KEV
crypto: algif_aead - Revert to operating out-of-place
Trending: 96
HIGH · CVE-2026-43284 · EXP · KEV
xfrm: esp: avoid in-place decrypt on shared skb frags
Trending: 91
HIGH · CVE-2026-43500 · EXP · KEV
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
Trending: 87
HIGH · CVE-2026-43503 · EXP
net: skbuff: propagate shared-frag marker through frag-transfer helpers
Trending: 77
HIGH · CVE-2026-46243 · EXP
smb: client: reject userspace cifs.spnego descriptions
Trending: 75

Verification

State: verified
Confidence: 0%

Vulnerability Timeline

Jun 19, 2026: CVE Published
Jun 19, 2026: Discovered by ZDM
Jun 19, 2026: Updated: affectedVersions
Jun 19, 2026: Updated: description, patchAvailable
Jun 19, 2026: Updated: description, affectedVersions, severity, activelyExploited, cweIds
Jun 28, 2026: Actively Exploited
Jun 28, 2026: Exploit Available
Jun 28, 2026: Patch Available

Version History

v4
Last enriched 9d ago
v4 · Tier C · 9d ago

Updated description with critical vulnerability details, added affected versions, changed severity to CRITICAL, and noted that the exploit is not available.

description, affectedVersions, severity, activelyExploited, cweIds
via VulDB
v3 · Tier C · 9d ago

Updated description with more technical detail, added affected versions, and specified a fixed version number for patch availability.

description, patchAvailable
via Linux Kernel CVEs
v2 · Tier C · 9d ago

Updated description with more technical detail, added affected versions, changed severity to HIGH, and specified the patch available version as 6.6.143.

affectedVersions
via Linux Kernel CVEs
v1 · 9d ago

Initial creation