Linux Kernel xprtrdma Vulnerability in Memory Management
CVE-2026-43469

7.5HIGH

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 8 May 2026

What is CVE-2026-43469?

The Linux kernel's xprtrdma module has a vulnerability related to premature exits during memory allocation failures. When rpcrdma_post_recvs() does not successfully create a work request, it can lead to the re_receiving counter not being decremented appropriately. This issue causes worker threads to hang, potentially leading to severe system performance degradation, especially under high memory pressure. As a result, application responsiveness may be severely affected as tasks remain blocked indefinitely.

Affected Version(s)

Linux 15788d1d1077ebe029c48842c738876516d85076 < 7ea69259a60a364f56cf4aa9e2eafb588d1c762b

Linux 15788d1d1077ebe029c48842c738876516d85076 < 8cb6b5d8296b1f99a8d36849901ebabfe3f749db

Linux 15788d1d1077ebe029c48842c738876516d85076 < 74c39a47856bddcde7874f2196a00143b5cd0af9

References

https://git.kernel.org/stable/c/7ea69259a60a364f56cf4aa9e...

https://git.kernel.org/stable/c/8cb6b5d8296b1f99a8d368499...

https://git.kernel.org/stable/c/74c39a47856bddcde7874f219...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 8, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43469 Data

JSON