RDMA Vulnerability in Linux Kernel Affects Multiple Drivers
CVE-2026-52908

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 19 June 2026

What is CVE-2026-52908?

The vulnerability in the Linux kernel's RDMA subsystem pertains to improper handling of memory region (MR) re-registration, specifically concerning the REREG_ACCESS flag. When the access flag transitions from read-only (RO) to read-write (RW), the underlying memory management structures must be rigorously validated to ensure they comply with the RW permissions. The introduction of a new function, ib_umem_check_rereg(), requires that drivers verify their configurations before processing changes. In particular, the mlx4 driver has to maintain a strict check due to its sequential handling of REREG_ACCESS and REREG_TRANS combinations, limiting its support for such transitions.

Affected Version(s)

Linux b40656aa7d559adc1fe689396dc58b92a9a27286 < 09dc18894148381d3bfc550083b1236043870dce

Linux b40656aa7d559adc1fe689396dc58b92a9a27286

Linux b40656aa7d559adc1fe689396dc58b92a9a27286 < 2904e985a2917b5dac65df82733065e78a65fc9d

References

https://git.kernel.org/stable/c/09dc18894148381d3bfc55008...

https://git.kernel.org/stable/c/eba5df21eda0fe7418efbea2f...

https://git.kernel.org/stable/c/2904e985a2917b5dac65df827...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2026
Vulnerability Reserved
Jun 9, 2026

CVE-2026-52908 Data

JSON