CVE-2026-31565 (GCVE-0-2026-31565)

Vulnerability from cvelistv5 – Published: 2026-04-24 14:35 – Updated: 2026-05-23 16:05
VLAI
Title
RDMA/irdma: Fix deadlock during netdev reset with active connections
Summary
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix deadlock during netdev reset with active connections Resolve deadlock that occurs when user executes netdev reset while RDMA applications (e.g., rping) are active. The netdev reset causes ice driver to remove irdma auxiliary driver, triggering device_delete and subsequent client removal. During client removal, uverbs_client waits for QP reference count to reach zero while cma_client holds the final reference, creating circular dependency and indefinite wait in iWARP mode. Skip QP reference count wait during device reset to prevent deadlock.
Severity
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 0b3c392b82cdf867808a8ea7c6760d3c7e6b6627 , < 009831768faeca3fb5950ce63f1b49594ec82389 (git)
Affected: 07322c8a12d6c796450faacb8be9e5e3c278ec84 , < adf0de36e52a48681eb58cbd7cbf6c8d200caa2b (git)
Affected: c8f304d75f6c6cc679a73f89591f9a915da38f09 , < acb060bc2609c2eab49263968be59c7d59d497bc (git)
Affected: c8f304d75f6c6cc679a73f89591f9a915da38f09 , < a8a1c7621127a15a02494b96ee376406c064237b (git)
Affected: c8f304d75f6c6cc679a73f89591f9a915da38f09 , < cd8bcec2de5e24e05c34c9391940fda6f50e79b4 (git)
Affected: c8f304d75f6c6cc679a73f89591f9a915da38f09 , < 464bbb844ba5b68e038220c34019069a0a9f1581 (git)
Affected: c8f304d75f6c6cc679a73f89591f9a915da38f09 , < 6f52370970ac07d352a7af4089e55e0e6425f827 (git)
Affected: 6ee53f82540769a6d6e77e40b901f9b9edfa5ff2 (git)
Affected: 5.15.116 , < 5.15.203 (semver)
Affected: 6.1.33 , < 6.1.168 (semver)
Affected: 6.3.7 , < 6.4 (semver)
Create a notification for this product.
Linux Linux Affected: 6.4
Unaffected: 0 , < 6.4 (semver)
Unaffected: 5.15.203 , ≤ 5.15.* (semver)
Unaffected: 6.1.168 , ≤ 6.1.* (semver)
Unaffected: 6.6.131 , ≤ 6.6.* (semver)
Unaffected: 6.12.80 , ≤ 6.12.* (semver)
Unaffected: 6.18.21 , ≤ 6.18.* (semver)
Unaffected: 6.19.11 , ≤ 6.19.* (semver)
Unaffected: 7.0 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/irdma/verbs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "009831768faeca3fb5950ce63f1b49594ec82389",
              "status": "affected",
              "version": "0b3c392b82cdf867808a8ea7c6760d3c7e6b6627",
              "versionType": "git"
            },
            {
              "lessThan": "adf0de36e52a48681eb58cbd7cbf6c8d200caa2b",
              "status": "affected",
              "version": "07322c8a12d6c796450faacb8be9e5e3c278ec84",
              "versionType": "git"
            },
            {
              "lessThan": "acb060bc2609c2eab49263968be59c7d59d497bc",
              "status": "affected",
              "version": "c8f304d75f6c6cc679a73f89591f9a915da38f09",
              "versionType": "git"
            },
            {
              "lessThan": "a8a1c7621127a15a02494b96ee376406c064237b",
              "status": "affected",
              "version": "c8f304d75f6c6cc679a73f89591f9a915da38f09",
              "versionType": "git"
            },
            {
              "lessThan": "cd8bcec2de5e24e05c34c9391940fda6f50e79b4",
              "status": "affected",
              "version": "c8f304d75f6c6cc679a73f89591f9a915da38f09",
              "versionType": "git"
            },
            {
              "lessThan": "464bbb844ba5b68e038220c34019069a0a9f1581",
              "status": "affected",
              "version": "c8f304d75f6c6cc679a73f89591f9a915da38f09",
              "versionType": "git"
            },
            {
              "lessThan": "6f52370970ac07d352a7af4089e55e0e6425f827",
              "status": "affected",
              "version": "c8f304d75f6c6cc679a73f89591f9a915da38f09",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "6ee53f82540769a6d6e77e40b901f9b9edfa5ff2",
              "versionType": "git"
            },
            {
              "lessThan": "5.15.203",
              "status": "affected",
              "version": "5.15.116",
              "versionType": "semver"
            },
            {
              "lessThan": "6.1.168",
              "status": "affected",
              "version": "6.1.33",
              "versionType": "semver"
            },
            {
              "lessThan": "6.4",
              "status": "affected",
              "version": "6.3.7",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/irdma/verbs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.4"
            },
            {
              "lessThan": "6.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.203",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.168",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.131",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.80",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.21",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.19.*",
              "status": "unaffected",
              "version": "6.19.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.0",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.203",
                  "versionStartIncluding": "5.15.116",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.168",
                  "versionStartIncluding": "6.1.33",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.131",
                  "versionStartIncluding": "6.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.80",
                  "versionStartIncluding": "6.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.21",
                  "versionStartIncluding": "6.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.19.11",
                  "versionStartIncluding": "6.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0",
                  "versionStartIncluding": "6.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "6.3.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix deadlock during netdev reset with active connections\n\nResolve deadlock that occurs when user executes netdev reset while RDMA\napplications (e.g., rping) are active. The netdev reset causes ice\ndriver to remove irdma auxiliary driver, triggering device_delete and\nsubsequent client removal. During client removal, uverbs_client waits\nfor QP reference count to reach zero while cma_client holds the final\nreference, creating circular dependency and indefinite wait in iWARP\nmode. Skip QP reference count wait during device reset to prevent\ndeadlock."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-23T16:05:23.988Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/009831768faeca3fb5950ce63f1b49594ec82389"
        },
        {
          "url": "https://git.kernel.org/stable/c/adf0de36e52a48681eb58cbd7cbf6c8d200caa2b"
        },
        {
          "url": "https://git.kernel.org/stable/c/acb060bc2609c2eab49263968be59c7d59d497bc"
        },
        {
          "url": "https://git.kernel.org/stable/c/a8a1c7621127a15a02494b96ee376406c064237b"
        },
        {
          "url": "https://git.kernel.org/stable/c/cd8bcec2de5e24e05c34c9391940fda6f50e79b4"
        },
        {
          "url": "https://git.kernel.org/stable/c/464bbb844ba5b68e038220c34019069a0a9f1581"
        },
        {
          "url": "https://git.kernel.org/stable/c/6f52370970ac07d352a7af4089e55e0e6425f827"
        }
      ],
      "title": "RDMA/irdma: Fix deadlock during netdev reset with active connections",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-31565",
    "datePublished": "2026-04-24T14:35:46.006Z",
    "dateReserved": "2026-03-09T15:48:24.117Z",
    "dateUpdated": "2026-05-23T16:05:23.988Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-31565",
      "date": "2026-05-27",
      "epss": "0.00014",
      "percentile": "0.0269"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-31565\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-04-24T15:16:30.950\",\"lastModified\":\"2026-04-27T20:31:57.490\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nRDMA/irdma: Fix deadlock during netdev reset with active connections\\n\\nResolve deadlock that occurs when user executes netdev reset while RDMA\\napplications (e.g., rping) are active. The netdev reset causes ice\\ndriver to remove irdma auxiliary driver, triggering device_delete and\\nsubsequent client removal. During client removal, uverbs_client waits\\nfor QP reference count to reach zero while cma_client holds the final\\nreference, creating circular dependency and indefinite wait in iWARP\\nmode. Skip QP reference count wait during device reset to prevent\\ndeadlock.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-667\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.15.116\",\"versionEndExcluding\":\"5.15.203\",\"matchCriteriaId\":\"7CB05C1F-FB40-4C30-AA14-E56D6AC3BD9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1.33\",\"versionEndExcluding\":\"6.1.168\",\"matchCriteriaId\":\"09951E95-9B4E-464A-9DAA-53C3B5B22EA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.3.7\",\"versionEndExcluding\":\"6.4\",\"matchCriteriaId\":\"B564FB8F-0797-43B6-8D10-1926A40F3099\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.4.1\",\"versionEndExcluding\":\"6.6.131\",\"matchCriteriaId\":\"523F816F-7981-495C-95C0-E3588239D4B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.80\",\"matchCriteriaId\":\"97EB19EC-A11E-49C6-9D2F-6F6EC6CB98B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.18.21\",\"matchCriteriaId\":\"ED39847A-3B46-4729-B7CA-B2C30B9FA8FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.19\",\"versionEndExcluding\":\"6.19.11\",\"matchCriteriaId\":\"4CA2E747-A9EC-4518-9AA2-B4247FC748B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE0B0BF6-0EEF-4FAD-927D-7A0DD77BEE75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F253B622-8837-4245-BCE5-A7BF8FC76A16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F666C8D8-6538-46D4-B318-87610DE64C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"02259FDA-961B-47BC-AE7F-93D7EC6E90C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"58A9FEFF-C040-420D-8F0A-BFDAAA1DF258\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D2315C0-D46F-4F85-9754-F9E5E11374A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*\",\"matchCriteriaId\":\"512EE3A8-A590-4501-9A94-5D4B268D6138\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/009831768faeca3fb5950ce63f1b49594ec82389\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/464bbb844ba5b68e038220c34019069a0a9f1581\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6f52370970ac07d352a7af4089e55e0e6425f827\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a8a1c7621127a15a02494b96ee376406c064237b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/acb060bc2609c2eab49263968be59c7d59d497bc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/adf0de36e52a48681eb58cbd7cbf6c8d200caa2b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/cd8bcec2de5e24e05c34c9391940fda6f50e79b4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.