CVE-2026-46112

Source
https://cve.org/CVERecord?id=CVE-2026-46112
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46112.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-46112
Downstream
Related
Published
2026-05-28T09:35:20.879Z
Modified
2026-07-09T18:31:04.365269842Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
RDMA/hns: Fix unlocked call to hns_roce_qp_remove()
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/hns: Fix unlocked call to hnsroceqp_remove()

Sashiko points out that hnsroceqpremove() requires the caller to hold locks. The error flow in hnsrocecreateqp_common() doesn't hold those locks for the error unwind so it risks corrupting memory.

Grab the same locks the other two callers use.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46112.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e088a685eae94a0607b8f7b99949a0e14d748813
Fixed
1f0a3aa8b569d010316b427238222c5d899f9618
Fixed
b6296ff2475fc95ee6ea1b528c4b385302808186
Fixed
fb4ae739811d467409bd07d0e36cfd4140f3d26a
Fixed
fcf6a832c0d5b2bc5398d6996c5570d3ee7993fb
Fixed
1912f78798505dc9c637081bbddfbf1c22494c49
Fixed
615d9d260c32bb678504ca96f29ae46f9d745155
Fixed
0c99acbc8b6c6dd526ae475a48ee1897b61072fb

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46112.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.17.0
Fixed
5.15.209
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.175
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.140
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.88
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.30
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.7

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-46112.json"