CVE-2026-23384

UNKNOWN 0.0

RDMA/ionic: Fix kernel stack leak in ionic_create_cq()

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix kernel stack leak in ionic_create_cq() struct ionic_cq_resp resp { __u32 cqid[2]; // offset 0 - PARTIALLY SET (see below) __u8 udma_mask; // offset 8 - SET (resp.udma_mask = vcq->udma_mask) __u8 rsvd[7]; // offset 9 - NEVER SET <- LEAK }; rsvd[7]: 7 bytes of stack memory leaked unconditionally. cqid[2]: The loop at line 1256 iterates over udma_idx but skips indices where !(vcq->udma_mask & BIT(udma_idx)). The array has 2 entries but udma_count could be 1, meaning cqid[1] might never be written via ionic_create_cq_common(). If udma_mask only has bit 0 set, cqid[1] (4 bytes) is also leaked. So potentially 11 bytes leaked.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Mar 25, 2026
Last Updated	Apr 13, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

e8521822c733c6deab0f339843cd37cd62c12795 < a6f3e0fa8e862f220c26c2f27e5ddc42eb82ad3e e8521822c733c6deab0f339843cd37cd62c12795 < 547d0b07ad73915b323bc21f85c5d3252bebbbcf e8521822c733c6deab0f339843cd37cd62c12795 < faa72102b178c7ae6c6afea23879e7c84fc59b4e

Linux / Linux

6.18

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/a6f3e0fa8e862f220c26c2f27e5ddc42eb82ad3e git.kernel.org: https://git.kernel.org/stable/c/547d0b07ad73915b323bc21f85c5d3252bebbbcf git.kernel.org: https://git.kernel.org/stable/c/faa72102b178c7ae6c6afea23879e7c84fc59b4e