PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-31565 Linux CVE debrief

A deadlock vulnerability was found in the Linux kernel's RDMA/irdma component. The issue occurs when a netdev reset is executed while RDMA applications are active, causing a circular dependency and indefinite wait in iWARP mode. This deadlock can potentially impact system availability and performance. Linux kernel maintainers, RDMA/irdma users, and administrators of systems using affected kernel versions should be aware of this vulnerability and take steps to mitigate it.

Vendor
Linux
Product
Unknown
CVSS
MEDIUM 5.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-04-24
Original CVE updated
2026-07-14
Advisory published
2026-04-24
Advisory updated
2026-07-14

Who should care

Linux kernel maintainers, RDMA/irdma users, and administrators of systems using affected kernel versions should be aware of this vulnerability. They should review system configurations, assess potential exposure, and apply patches or mitigations as needed. Security teams and vulnerability management teams should also be informed to ensure proper prioritization and remediation.

Technical summary

The vulnerability is caused by a deadlock that occurs when the netdev reset causes the ice driver to remove the irdma auxiliary driver, triggering device_delete and subsequent client removal. During client removal, uverbs_client waits for QP reference count to reach zero while cma_client holds the final reference, creating a circular dependency and indefinite wait in iWARP mode. The issue is resolved by skipping QP reference count wait during device reset. This change allows the system to avoid deadlocks during netdev reset with active connections.

Defensive priority

Apply patches or upgrade to a non-vulnerable kernel version to prevent potential deadlocks during netdev reset. Prioritize patching based on system criticality and potential exposure.

Recommended defensive actions

  • Apply patches provided by the Linux kernel maintainers
  • Upgrade to a non-vulnerable kernel version
  • Monitor system logs for potential deadlock occurrences
  • Inventory affected systems and prioritize patching
  • Review compensating controls for exposed systems while remediation is scheduled and verified
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented

Evidence notes

The CVE record was published on 2026-04-24T15:16:30.950Z and last modified on 2026-07-14T13:18:45.857Z. The NVD entry is currently Modified. Evidence is limited to CVE and NVD details. Defenders should verify affected kernel versions, patch status, and potential workarounds. Additional information may be found in vendor advisories and Linux kernel documentation.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-04-24T15:16:30.950Z and has not been modified since then.