PatchSiren

CVE-2026-46127 Linux CVE debrief

A NULL pointer dereference vulnerability exists in the Linux kernel's RDMA/ocrdma driver. The function `ocrdma_copy_pd_uresp()` in the OCRDMA (Oracle Cloud RDMA) driver references `pd->uctx` in error handling paths before it has been initialized, leading to a kernel crash when error conditions occur. The fix ensures that the valid `uctx` pointer available earlier in the function is used instead of the uninitialized `pd->uctx` field. This is a local denial-of-service condition affecting systems with OCRDMA hardware and the corresponding kernel driver loaded.

Vendor: Linux
Product: Unknown
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-28
Original CVE updated: 2026-05-28
Advisory published: 2026-05-28
Advisory updated: 2026-05-28

Who should care

Organizations running Linux systems with Oracle Cloud RDMA (OCRDMA) hardware and the ocrdma kernel driver loaded should prioritize this update. Cloud providers and enterprises using RDMA over Converged Ethernet (RoCE) infrastructure with Oracle hardware are particularly affected.

Technical summary

The OCRDMA (Oracle Cloud RDMA) driver in the Linux kernel contains a NULL pointer dereference vulnerability in the `ocrdma_copy_pd_uresp()` function. The issue occurs because `pd->uctx` is referenced in error handling code paths before it has been initialized. When an error condition triggers these paths, the kernel attempts to dereference a NULL pointer, resulting in a crash. The vulnerability is local in nature, requiring the ability to interact with the RDMA subsystem. The fix modifies the error handling to use the valid `uctx` pointer that is available earlier in the function execution rather than the uninitialized structure member.
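
The error-path pattern described above, reduced to a user-space C model (an added example, not the ocrdma driver's code). All struct and function names are hypothetical, and the model assumes `pd->uctx` is assigned only after every step has succeeded; where the kernel would dereference NULL, the model counts the event instead of crashing.

```c
#include <stddef.h>
#include <stdio.h>

/* User-space model only: every name here is a hypothetical stand-in. */
struct uctx { int mappings; };       /* per-process context tracking mappings */
struct pd   { struct uctx *uctx; };  /* assumed to be set only on full success */

static int null_uses;                /* events that would oops in the kernel */
static void add_mapping(struct uctx *c) { c->mappings++; }
static void del_mapping(struct uctx *c)
{
    if (!c) { null_uses++; return; } /* kernel code would dereference here */
    c->mappings--;
}

/* Before the fix: the error path cleans up through pd->uctx, still NULL. */
static int copy_pd_uresp_buggy(struct pd *pd, struct uctx *uctx, int copy_fails)
{
    add_mapping(uctx);
    if (copy_fails) { del_mapping(pd->uctx); return -1; }
    pd->uctx = uctx;
    return 0;
}

/* After the fix: the error path uses the local uctx, valid from entry. */
static int copy_pd_uresp_fixed(struct pd *pd, struct uctx *uctx, int copy_fails)
{
    add_mapping(uctx);
    if (copy_fails) { del_mapping(uctx); return -1; }
    pd->uctx = uctx;
    return 0;
}

/* Drive the failing path once: returns NULL uses, reports leftover mappings. */
static int run_failure(int (*fn)(struct pd *, struct uctx *, int), int *leaked)
{
    struct uctx ctx = { 0 };
    struct pd pd = { NULL };
    null_uses = 0;
    fn(&pd, &ctx, 1);
    *leaked = ctx.mappings;
    return null_uses;
}

int main(void)
{
    int leaked, n = run_failure(copy_pd_uresp_buggy, &leaked);
    printf("buggy: null_uses=%d leaked=%d\n", n, leaked);
    n = run_failure(copy_pd_uresp_fixed, &leaked);
    printf("fixed: null_uses=%d leaked=%d\n", n, leaked);
    return 0;
}
```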

Defensive priority

medium

Recommended defensive actions

  • Apply kernel updates containing the referenced stable commits when available from your Linux distribution
  • Monitor vendor security advisories for kernel package updates addressing CVE-2026-46127
  • If OCRDMA hardware is not required, consider disabling the ocrdma kernel module as a temporary risk reduction measure
  • Review system logs for unexpected kernel panics or crashes that may indicate exploitation attempts

Evidence notes

The vulnerability description confirms a NULL pointer dereference in the error path of `ocrdma_copy_pd_uresp()`. The multiple stable kernel commits provided indicate backports to affected versions. NVD had assigned no CVSS score at the time of disclosure; the status is 'Awaiting Analysis'.

Official resources

2026-05-28