CVE-2026-31493

Source
https://cve.org/CVERecord?id=CVE-2026-31493
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31493.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-31493
Downstream
Related
Published
2026-04-22T13:54:16.255Z
Modified
2026-07-15T01:49:16.439246100Z
Summary
RDMA/efa: Fix use of completion ctx after free
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/efa: Fix use of completion ctx after free

On admin queue completion handling, if the admin command completed with error we print data from the completion context. The issue is that we already freed the completion context in polling/interrupts handler which means we print data from context in an unknown state (it might be already used again). Change the admin submission flow so alloc/dealloc of the context will be symmetric and dealloc will be called after any potential use of the context.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31493.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
68fb9f3e312a36e49fd05ec2d6b668daf2c4931a
Fixed
0dd98aea1c0c45987fa2dd92f988b0eb1a72c125
Fixed
1cf95fe5dc5471efea947b4c6f8913da6bc7976e
Fixed
ef3b06742c8a201d0e83edc9a33a89a4fe3009f8

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31493.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.12.0
Fixed
6.18.21
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
6.19.11

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-31493.json"