PatchSiren

CVE-2026-43466 Linux CVE debrief

CVE-2026-43466 is a Linux kernel vulnerability in the mlx5e network driver’s TX error recovery path. On affected kernels, recovery reset logic could desynchronize the software DMA FIFO producer and consumer counters, so later TX processing could unmap stale DMA addresses from before recovery. The issue is associated with a kernel warning in iommu_dma_unmap_page() and was assigned CVSS 8.2 (HIGH) with network access, no privileges, and high availability impact.

Vendor: Linux
Product: Unknown
CVSS: HIGH 8.2
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-08
Original CVE updated: 2026-05-21
Advisory published: 2026-05-08
Advisory updated: 2026-05-21

Who should care

Linux kernel maintainers, distro security teams, and operators running affected Linux kernels with the mlx5e driver in use, especially on systems where network throughput and IOMMU-backed DMA handling are important.

Technical summary

The reported bug occurs after a TX error CQE triggers recovery. mlx5e_reset_txqsq_cc_pc() reset dma_fifo_cc to 0 but left dma_fifo_pc unchanged, creating a producer/consumer desynchronization in the software-only DMA FIFO. After recovery, new DMA entries could be written at the old producer position while the consumer started from position 0, causing stale DMA addresses to be unmapped. The fix removes the dma_fifo_cc reset so the FIFO counters remain consistent across recovery, matching the existing approach used for skb_fifo counters. NVD lists affected Linux kernel ranges and references multiple official kernel patch links.
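
The counter desynchronization described above can be shown with a small user-space model. This is an added example, not the kernel's code: only dma_fifo_pc and dma_fifo_cc come from the CVE description, while the struct, the helper names (tx_map, tx_complete, run_recovery), the FIFO size and the assumption that all earlier entries were completed before recovery are illustrative.

```c
#include <stdint.h>
#include <stdio.h>

#define FIFO_SZ  8u                /* power of two: slot = counter & (FIFO_SZ - 1) */
#define MAX_ADDR 64u               /* bound on constructed "addresses" in this model */

/* Simplified model of the software-only DMA FIFO (illustrative, not driver code). */
struct sq_model {
    uint32_t fifo[FIFO_SZ];        /* recorded DMA "addresses" (constructed values) */
    uint32_t dma_fifo_pc;          /* producer counter */
    uint32_t dma_fifo_cc;          /* consumer counter */
    uint8_t  live[MAX_ADDR];       /* 1 while an address is currently mapped */
    uint32_t next_addr;
    unsigned stale_unmaps;         /* unmaps of addresses that are no longer mapped */
};

static void tx_map(struct sq_model *sq)
{
    uint32_t addr = ++sq->next_addr;
    sq->live[addr] = 1;
    sq->fifo[sq->dma_fifo_pc++ & (FIFO_SZ - 1)] = addr;
}

static void tx_complete(struct sq_model *sq)
{
    uint32_t addr = sq->fifo[sq->dma_fifo_cc++ & (FIFO_SZ - 1)];
    if (!sq->live[addr])
        sq->stale_unmaps++;        /* models the stale unmap behind the warning */
    sq->live[addr] = 0;
}

/* Runs one recovery cycle and returns the number of stale unmaps afterwards. */
unsigned run_recovery(int reset_cc_only)
{
    struct sq_model sq = {0};
    for (int i = 0; i < 3; i++) tx_map(&sq);       /* traffic before the error */
    for (int i = 0; i < 3; i++) tx_complete(&sq);  /* assumed drained: cc == pc == 3 */
    if (reset_cc_only)
        sq.dma_fifo_cc = 0;        /* pre-fix behaviour: pc stays at 3 */
    for (int i = 0; i < 2; i++) tx_map(&sq);       /* new entries land in slots 3, 4 */
    for (int i = 0; i < 2; i++) tx_complete(&sq);  /* pre-fix consumer reads slots 0, 1 */
    return sq.stale_unmaps;
}

int main(void)
{
    printf("pre-fix: %u stale, fixed: %u stale\n", run_recovery(1), run_recovery(0));
    return 0;
}
```

In the pre-fix run the two new mappings in slots 3 and 4 are also never released, because the consumer is reading the wrong slots.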

Defensive priority

High. Prioritize patching affected kernels on systems that use mlx5e, because the flaw can trigger runtime warnings and incorrect DMA unmapping during network error recovery. Fleet-wide kernel version validation and rapid backporting are the main mitigations supported by the source record.

Recommended defensive actions

  • Update to a kernel release that includes the mlx5e recovery fix or the corresponding stable backport.
  • Check deployed Linux kernel versions against the affected NVD ranges for Linux kernel releases 4.17 through 6.19.9, including the listed release candidates.
  • Verify whether mlx5e is present and actively used on production hosts, then prioritize those systems for remediation.
  • Track kernel logs for iommu_dma_unmap_page warnings and mlx5e TX recovery-related errors as indicators of impact.
  • Use the official kernel patch references linked from the NVD record to confirm the backported fix in your vendor kernel line.

Evidence notes

The CVE description explicitly states that the bug is in net/mlx5e TX error CQE recovery and that removing the dma_fifo_cc reset fixes a stale DMA unmapping warning. The NVD entry was published on 2026-05-08 and modified on 2026-05-21. NVD marks the issue as CVSS 8.2 HIGH with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H and lists affected Linux kernel version ranges plus multiple official git.kernel.org patch references.

Official resources

Publicly disclosed in the official CVE/NVD records with publishedAt 2026-05-08T15:16:59.543Z and modifiedAt 2026-05-21T15:39:39.883Z. The NVD record includes multiple official kernel patch references and affected-version ranges.