CVE-2026-46127 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp() Sashiko points out that pd->uctx isn't initialized until late in the function so all these error flow references are NULL and will crash. Use the uctx that isn't NULL.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/34fbf48cf3b410d2a6e8c586fa952a36331ca5ba
https://git.kernel.org/stable/c/75fc130664ae324e7b2f9ad3630e0f175e9ca6c8
https://git.kernel.org/stable/c/8832626a483439e207734e027afff322ccdf726e
https://git.kernel.org/stable/c/e01a957561f663d3b68d2fd233a4502e3367efcd
https://git.kernel.org/stable/c/ec44c00a4fe1327efa35083f98b39c01cb535a51

History

Thu, 28 May 2026 10:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp() Sashiko points out that pd->uctx isn't initialized until late in the function so all these error flow references are NULL and will crash. Use the uctx that isn't NULL.
Title		RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/34fbf48cf3b410d2a6e8c586fa952a36331ca5ba https://git.kernel.org/stable/c/75fc130664ae324e7b2f9ad3630e0f175e9ca6c8 https://git.kernel.org/stable/c/8832626a483439e207734e027afff322ccdf726e https://git.kernel.org/stable/c/e01a957561f663d3b68d2fd233a4502e3367efcd https://git.kernel.org/stable/c/ec44c00a4fe1327efa35083f98b39c01cb535a51

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-28T09:35:42.368Z

Updated: 2026-05-28T09:35:42.368Z

Reserved: 2026-05-13T15:03:33.099Z

Link: CVE-2026-46127

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-28T10:16:28.250

Modified: 2026-05-28T10:16:28.250

Link: CVE-2026-46127

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-46127", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-13T15:03:33.099Z", "datePublished": "2026-05-28T09:35:42.368Z", "dateUpdated": "2026-05-28T09:35:42.368Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-28T09:35:42.368Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp()\n\nSashiko points out that pd->uctx isn't initialized until late in the\nfunction so all these error flow references are NULL and will crash. Use\nthe uctx that isn't NULL."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/infiniband/hw/ocrdma/ocrdma_verbs.c"], "versions": [{"version": "fe2caefcdf5869f308c102e3d64d40683bfad711", "lessThan": "e01a957561f663d3b68d2fd233a4502e3367efcd", "status": "affected", "versionType": "git"}, {"version": "fe2caefcdf5869f308c102e3d64d40683bfad711", "lessThan": "75fc130664ae324e7b2f9ad3630e0f175e9ca6c8", "status": "affected", "versionType": "git"}, {"version": "fe2caefcdf5869f308c102e3d64d40683bfad711", "lessThan": "8832626a483439e207734e027afff322ccdf726e", "status": "affected", "versionType": "git"}, {"version": "fe2caefcdf5869f308c102e3d64d40683bfad711", "lessThan": "ec44c00a4fe1327efa35083f98b39c01cb535a51", "status": "affected", "versionType": "git"}, {"version": "fe2caefcdf5869f308c102e3d64d40683bfad711", "lessThan": "34fbf48cf3b410d2a6e8c586fa952a36331ca5ba", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/infiniband/hw/ocrdma/ocrdma_verbs.c"], "versions": [{"version": "3.5", "status": "affected"}, {"version": "0", "lessThan": "3.5", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.140", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.88", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.30", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0.7", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.1-rc3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.5", "versionEndExcluding": "6.6.140"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.5", "versionEndExcluding": "6.12.88"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.5", "versionEndExcluding": "6.18.30"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.5", "versionEndExcluding": "7.0.7"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.5", "versionEndExcluding": "7.1-rc3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/e01a957561f663d3b68d2fd233a4502e3367efcd"}, {"url": "https://git.kernel.org/stable/c/75fc130664ae324e7b2f9ad3630e0f175e9ca6c8"}, {"url": "https://git.kernel.org/stable/c/8832626a483439e207734e027afff322ccdf726e"}, {"url": "https://git.kernel.org/stable/c/ec44c00a4fe1327efa35083f98b39c01cb535a51"}, {"url": "https://git.kernel.org/stable/c/34fbf48cf3b410d2a6e8c586fa952a36331ca5ba"}], "title": "RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp()", "x_generator": {"engine": "bippy-1.2.0"}}}}