VDB

RHSA-2026%3A19521

RHSA-2026%3A19521 PUBLISHED CVSS 7.300000190734863 HIGH

A flaw was found in the Linux kernel's Remote Direct Memory Access (RDMA) subsystem, specifically within the `rxe` component. This use-after-free vulnerability occurs in the `rxe_create_cq` function. When the `rxe_cq_from_init` function fails, the subsequent call to `rxe_cleanup` attempts to free memory resources that have already been released, leading to memory corruption. A local attacker with high privileges could exploit this flaw to cause a denial of service or potentially achieve arbitrary code execution.

Risk Scores

CVSS 3.1
7.300000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

Affected Products

VendorProductVersions
Red Hatkernel-tools-0:4.18.0-477.143.1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)4.18.0-477.143.1.el8
Red Hatpython3-perf-0:4.18.0-477.143.1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)4.18.0-477.143.1.el8
Red Hatkernel-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)4.18.0-477.143.1.el8
Red Hatkernel-modules-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)4.18.0-477.143.1.el8
Red Hatkernel-debug-core-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)4.18.0-477.143.1.el8
Red Hatkernel-modules-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)4.18.0-477.143.1.el8
Red Hatpython3-perf-debuginfo-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)4.18.0-477.143.1.el8
Red Hatkernel-debuginfo-0:4.18.0-477.143.1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)4.18.0-477.143.1.el8
Red Hatkernel-debug-modules-extra-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)4.18.0-477.143.1.el8
Red Hatkernel-0:4.18.0-477.143.1.el8_8.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)4.18.0-477.143.1.el8
Red Hatkernel-core-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)4.18.0-477.143.1.el8
Red Hatkernel-debug-devel-0:4.18.0-477.143.1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)4.18.0-477.143.1.el8
Red Hatkernel-debug-modules-extra-0:4.18.0-477.143.1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)4.18.0-477.143.1.el8
Red Hatkernel-tools-debuginfo-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)4.18.0-477.143.1.el8
Red Hatperf-0:4.18.0-477.143.1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)4.18.0-477.143.1.el8
Red Hatkernel-modules-extra-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)4.18.0-477.143.1.el8
Red Hatperf-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)4.18.0-477.143.1.el8
Red Hatkernel-tools-libs-0:4.18.0-477.143.1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)4.18.0-477.143.1.el8
Red Hatkernel-debuginfo-common-x86_64-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)4.18.0-477.143.1.el8
Red Hatbpftool-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)4.18.0-477.143.1.el8

…and 52 more

Timeline

  • May 20, 2026 CVE Published
  • May 26, 2026 CVE Updated
  • May 26, 2026 Distribution Patch
  • May 26, 2026 Distribution Patch
  • May 26, 2026 Security Advisory
  • May 26, 2026 Security Advisory
  • May 26, 2026 Security Advisory
  • May 26, 2026 Security Advisory
  • May 26, 2026 Security Advisory
  • May 26, 2026 Security Advisory
  • May 26, 2026 Security Advisory
  • May 26, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›