PatchSiren cyber security CVE debrief
CVE-2026-31565 Linux CVE debrief
A deadlock vulnerability was found in the Linux kernel's RDMA/irdma component. The issue occurs when a netdev reset is executed while RDMA applications are active, causing a circular dependency and indefinite wait in iWARP mode. This deadlock can potentially impact system availability and performance. Linux kernel maintainers, RDMA/irdma users, and administrators of systems using affected kernel versions should be aware of this vulnerability and take steps to mitigate it.
- Vendor
- Linux
- Product
- Unknown
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-04-24
- Original CVE updated
- 2026-07-14
- Advisory published
- 2026-04-24
- Advisory updated
- 2026-07-14
Who should care
Linux kernel maintainers, RDMA/irdma users, and administrators of systems using affected kernel versions should be aware of this vulnerability. They should review system configurations, assess potential exposure, and apply patches or mitigations as needed. Security teams and vulnerability management teams should also be informed to ensure proper prioritization and remediation.
Technical summary
The vulnerability is caused by a deadlock that occurs when the netdev reset causes the ice driver to remove the irdma auxiliary driver, triggering device_delete and subsequent client removal. During client removal, uverbs_client waits for QP reference count to reach zero while cma_client holds the final reference, creating a circular dependency and indefinite wait in iWARP mode. The issue is resolved by skipping QP reference count wait during device reset. This change allows the system to avoid deadlocks during netdev reset with active connections.
Defensive priority
Apply patches or upgrade to a non-vulnerable kernel version to prevent potential deadlocks during netdev reset. Prioritize patching based on system criticality and potential exposure.
Recommended defensive actions
- Apply patches provided by the Linux kernel maintainers
- Upgrade to a non-vulnerable kernel version
- Monitor system logs for potential deadlock occurrences
- Inventory affected systems and prioritize patching
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
Evidence notes
The CVE record was published on 2026-04-24T15:16:30.950Z and last modified on 2026-07-14T13:18:45.857Z. The NVD entry is currently Modified. Evidence is limited to CVE and NVD details. Defenders should verify affected kernel versions, patch status, and potential workarounds. Additional information may be found in vendor advisories and Linux kernel documentation.
Official resources
-
CVE-2026-31565 CVE record
CVE.org
-
CVE-2026-31565 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-04-24T15:16:30.950Z and has not been modified since then.