Initialization Flaw in Linux Kernel Affecting RDMA/irdma Functionality
CVE-2026-31492

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 22 April 2026

What is CVE-2026-31492?

A vulnerability was identified in the Linux kernel's RDMA/irdma component, specifically in the irdma_create_qp function. When the ib_copy_to_udata operation fails, the subsequent cleanup process attempts to utilize the free_qp completion object, which has not been properly initialized. This can lead to undefined behavior or potential system instability. The issue has been addressed by ensuring the free_qp completion is initialized prior to calling ib_copy_to_udata, thus enhancing the overall stability and reliability of the RDMA functionality.

Affected Version(s)

Linux b48c24c2d710cf34810c555dcef883a3d35a9c08

References

https://git.kernel.org/stable/c/ac1da7bd224d406b6f1b84414...

https://git.kernel.org/stable/c/af310407f79d5816fc0ab3638...

https://git.kernel.org/stable/c/cd1534c8f4984432382c240f6...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31492 Data

JSON