Description
In the Linux kernel, the following vulnerability has been resolved:

IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()

Fix a user triggerable leak on the system call failure path.
Published: 2026-03-25
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Patch Now
AI Analysis

Impact

The kernel’s IB/mthca driver omitted a call to mthca_unmap_user_db() when the mthca_create_srq() routine failed. This oversight caused an uninitialized kernel memory region to remain mapped, allowing a local user to read kernel data. The weakness is classified as a memory management flaw (CWE‑772) and results in a potential information disclosure; it does not provide direct code execution or privilege escalation.

Affected Systems

The affected product is the Linux kernel, specifically any kernel version that includes the IB/mthca device driver before the patch that adds the missing unmap call. No explicit kernel release numbers are listed in the advisory, so users should verify whether their current kernel contains the commit that fixes the issue.

Risk and Exploitability

The CVSS base score of 5.5 indicates medium severity. The EPSS value is below 1 %, suggesting a low likelihood of exploitation in the wild, and the vulnerability is not cataloged in CISA’s KEV. The attack vector is inferred to be local, requiring a user to trigger a failing mthca_create_srq() system call; the impact is limited to information disclosure through a memory leak, so overall risk remains moderate. Nevertheless, applying the kernel patch eliminates the vulnerability.

Generated by OpenCVE AI on March 26, 2026 at 15:40 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Linux kernel to a version that includes the IB/mthca driver fix; consult the vendor’s update catalog or relevant commit references.
  • Verify that the kernel version in use contains the commit that adds the missing mthca_unmap_user_db() call.
  • If a patch is not yet available for your distribution, restrict privileged access to the kernel or temporarily disable the IB/mthca driver until a fix is released.

Generated by OpenCVE AI on March 26, 2026 at 15:40 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 18 Apr 2026 09:15:00 +0000

Type Values Removed Values Added
References

Thu, 26 Mar 2026 12:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200

Thu, 26 Mar 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-772
References
Metrics threat_severity

None

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200

Wed, 25 Mar 2026 10:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq() Fix a user triggerable leak on the system call failure path.
Title IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-04-18T08:57:39.473Z

Reserved: 2026-01-13T15:37:45.992Z

Link: CVE-2026-23289

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-25T11:16:23.887

Modified: 2026-04-18T09:16:16.707

Link: CVE-2026-23289

cve-icon Redhat

Severity : Low

Publid Date: 2026-03-25T00:00:00Z

Links: CVE-2026-23289 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-03-27T09:50:16Z

Weaknesses