Deadlock Issue in Linux Kernel for Mellanox Network Devices
CVE-2026-43468

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 8 May 2026

What is CVE-2026-43468?

A deadlock issue has been identified in the Linux kernel relevant to Mellanox network devices. This vulnerability arises from an interaction between the devlink lock and the eswitch work queue management. When eswitch-related events are handled, the devlink lock is acquired, which can lead to a stall if the work queue attempts to flush while still processing mode changes. The resolution involves preventing the flushing of the work queue and utilizing a generation counter to prevent outdated handlers from interacting with a modified eswitch. This change ensures that only relevant tasks are executed, enhancing the integrity and stability of network operations. Pending handler work notifications are also effectively disabled to further mitigate the potential for disruption.

Affected Version(s)

Linux f1bc646c9a06f09aad5d8bacb87103b5573ee45e < 0de867f6e34eae6907b367fd152c55e61cb98608

Linux f1bc646c9a06f09aad5d8bacb87103b5573ee45e < 957d2a58f7f8ebcbdd0a85935e0d2675134b890d

Linux f1bc646c9a06f09aad5d8bacb87103b5573ee45e < 3c7313cb41b1b427078440364d2f042c276a1c0b

References

https://git.kernel.org/stable/c/0de867f6e34eae6907b367fd1...

https://git.kernel.org/stable/c/957d2a58f7f8ebcbdd0a85935...

https://git.kernel.org/stable/c/3c7313cb41b1b427078440364...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 8, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43468 Data

JSON