CVE-2026-45922 Linux CVE debrief

Who should care

Organizations running Linux kernels with Mellanox ConnectX InfiniBand/RDMA adapters, particularly those using direct data placement (DDP) features. Cloud providers and HPC environments with high-throughput RDMA workloads should prioritize kernel updates. Memory leaks in kernel drivers can lead to gradual resource exhaustion requiring system reboots.

Technical summary

The MLX5_IB_METHOD_GET_DATA_DIRECT_SYSFS_PATH uverb handler in drivers/infiniband/hw/mlx5 allocates a device path string using kobject_get_path(). When the path length exceeds the user-provided output buffer, the function returns -ENOSPC without freeing the allocated string, causing a memory leak. The fix adds kfree() to the error path before returning. Affects systems with Mellanox ConnectX adapters using RDMA direct data placement features.

Defensive priority

medium

Recommended defensive actions

• Apply kernel patches from stable branches when available for your distribution
• Monitor Linux distribution security advisories for backported fixes
• Review systems using Mellanox ConnectX-5/6/7 InfiniBand/RDMA adapters for kernel update availability
• Consider enabling kernel memory leak detection (KASAN, kmemleak) in test environments to identify similar issues

Evidence notes

The vulnerability description indicates the issue was found using a prototype static analysis tool and code review. The fix adds a kfree() call to the error path when kobject_get_path() returns a path exceeding the output buffer length. Multiple stable kernel commits are referenced, indicating backport activity.

Official resources