{"id":"CVE-2026-46117","summary":"RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()\n\nSashiko points out that the user can specify WQs sharing the same CQ as a\npart of the uAPI and this will trigger the WARN_ON() then go on to corrupt\nthe kernel.\n\nJust reject it outright and fail the QP creation.","modified":"2026-06-23T15:29:20.598688102Z","published":"2026-05-28T09:35:32.344Z","related":["ALSA-2026:27789","openSUSE-SU-2026:10954-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46117.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/159f2efabc89d3f931d38f2d35876535d4abf0a3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9cc0c6b1ba8cd5c55aef043e1384de0a8b4efa71"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9ef65af26b2a6738bf15812042e84b3112402d3a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/db991ba50087ad99fa12a2c483aa3be19671ea73"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46117.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-46117"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c15d7802a42402a87880a17eee89ff023e49ecc0"},{"fixed":"9cc0c6b1ba8cd5c55aef043e1384de0a8b4efa71"},{"fixed":"9ef65af26b2a6738bf15812042e84b3112402d3a"},{"fixed":"db991ba50087ad99fa12a2c483aa3be19671ea73"},{"fixed":"159f2efabc89d3f931d38f2d35876535d4abf0a3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46117.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"6.8.0"},{"fixed":"6.12.91"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.30"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"7.0.7"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46117.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}